1. Cross-site scripting (reflected)
1.1. http://www.tagged.com/api/ [data parameter]
1.2. http://www.tagged.com/api/ [data parameter]
4. Cross-domain Referer leakage
4.1. http://www.tagged.com/help.html
4.2. http://www.tagged.com/index.html
4.3. http://www.tagged.com/terms_of_service.html
5. Cross-domain script include
5.2. http://www.tagged.com/browse.html
5.3. http://www.tagged.com/find_groups.html
5.4. http://www.tagged.com/forgot_password.html
5.5. http://www.tagged.com/help.html
5.6. http://www.tagged.com/index.html
5.7. http://www.tagged.com/safety.html
5.8. http://www.tagged.com/terms_of_service.html
7.1. http://www.tagged.com/safety.html
7.2. http://www.tagged.com/terms_of_service.html
9. Content type incorrectly stated
9.1. http://www.tagged.com/api/
9.2. http://www.tagged.com/favicon.ico
Severity: | High |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /api/ |
GET /api/?application_id=user Host: www.tagged.com Proxy-Connection: keep-alive Referer: http://www.tagged.com Origin: http://www.tagged.com X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:41:00 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 106 {"stat":"ok","diagnostics |
Severity: | High |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /api/ |
POST /api/?application_id=user Host: www.tagged.com Proxy-Connection: keep-alive Referer: http://www.tagged.com Origin: http://www.tagged.com X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Content-Type: application/x-www-form Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd Content-Length: 299 method=tagged.header method=tagged.util.echoIt method=tagged.util.echoIt |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:43 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 263 ["{\"stat\":\"ok\",\ |
Severity: | Medium |
Confidence: | Firm |
Host: | http://www.tagged.com |
Path: | /api/ |
POST /api/?application_id=user Host: www.tagged.com Proxy-Connection: keep-alive Referer: http://www.tagged.com Origin: http://www.tagged.com X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Content-Type: application/x-www-form Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd Content-Length: 299 method=tagged.header method=tagged.util.echoIt ...[SNIP]... |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:36:10 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 219 ["{\"stat\":\"ok\",\ ...[SNIP]... |
Severity: | Low |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /crossdomain.xml |
GET /crossdomain.xml HTTP/1.0 Host: www.tagged.com |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:35:30 GMT Server: Apache Last-Modified: Thu, 24 Mar 2011 16:12:27 GMT ETag: "1e6f19-15d-49f3cbe55f0c0 Accept-Ranges: bytes Content-Length: 349 Vary: Accept-Encoding,User Keep-Alive: timeout=300 Connection: Keep-Alive Content-Type: text/xml <?xml version="1.0"?> <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml <cross-domain-policy> <site-control permitted-cross-domain ...[SNIP]... <allow-access-from domain="*.tagstat.com"/> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /help.html |
GET /help.html?topic=report Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:29 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-FRAME-OPTIONS: DENY Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 10175 <!DOCTYPE html> <html> <head id="html_head"> <title>Tagged</title> <noscript><meta http-equiv="X-Frame <link rel="stylesheet" type="text/css" href="http://x.tagstat <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </div> <link rel="stylesheet" type="text/css" href="http://x.tagstat ...[SNIP]... <div class="right_block"> <img alt="Tagged" src="http://x.tagstat.com <p class="align_center"> ...[SNIP]... <p> <a href="http://about-tagged <a href="http://about-tagged ...[SNIP]... </div><script type="text/javascript" src="http://x.tagstat.com <link rel="stylesheet" type="text/css" href="http://x.tagstat <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </script> <script type="text/javascript" src="http://x.tagstat.com <link rel="stylesheet" type="text/css" href="http://x.tagstat <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... <noscript> <img src="http://b.scorec </noscript> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /index.html |
GET /index.html?r=%2Fideas Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:28 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 36764 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head id="html_head"> <meta name="verify-v1" content="3D/41 ...[SNIP]... </title> <link rel="stylesheet" type="text/css" href="http://x.tagstat <script type="text/javascript" src="http://x.tagstat.com <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... <a href="http://www.tagged ...[SNIP]... <div class="row1"> <img src="http://x.tagstat.com </div> ...[SNIP]... <!-- Begin recaptcha --> <script type="text/javascript" src="http://api.recaptcha ...[SNIP]... <p> <a href="http://about-tagged <a href="http://about-tagged ...[SNIP]... <!-- Begin quantserve --> <script type="text/javascript" src="//edge.quantserve ...[SNIP]... <noscript><img src="//pixel.quantserve ...[SNIP]... <noscript> <img src="http://b.scorec </noscript> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /terms_of_service.html |
GET /terms_of_service.html? HTTP/1.1 Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:13 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-FRAME-OPTIONS: DENY Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 49843 <!DOCTYPE html> <html> <head id="html_head"> <title>Tagged - Terms of Service</title> <noscript><meta http-equiv="X-Frame <link rel="stylesheet" type="text/css" href="http://x.tagstat <link rel="stylesheet" type="text/css" href="http://x.tagstat <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </div> <link rel="stylesheet" type="text/css" href="http://x.tagstat ...[SNIP]... <div class="right_block"> <img alt="Tagged" src="http://x.tagstat.com <p class="align_center"> ...[SNIP]... <p>For more information about COPPA, please visit the <a href="http://www.ftc.gov/ ...[SNIP]... nor control over, advertisers' cookies or how they may be used. If you would like more information about advertisers' use of cookies, and about your option not to accept these cookies, please click <a href="http://www ...[SNIP]... <p> <a href="http://about-tagged <a href="http://about-tagged ...[SNIP]... </div><script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </script> <script type="text/javascript" src="http://x.tagstat.com <link rel="stylesheet" type="text/css" href="http://x.tagstat <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... <noscript> <img src="http://b.scorec </noscript> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | / |
GET / HTTP/1.1 Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:35:30 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 36548 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head id="html_head"> <meta name="verify-v1" content="3D/41 ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... <!-- Begin recaptcha --> <script type="text/javascript" src="http://api.recaptcha ...[SNIP]... <!-- Begin quantserve --> <script type="text/javascript" src="//edge.quantserve ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /browse.html |
GET /browse.html HTTP/1.1 Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:31 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-FRAME-OPTIONS: DENY Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 21267 <!DOCTYPE html> <html> <head id="html_head"> <title>Tagged - Browse</title> <noscript><meta http-equiv="X-Frame <link rel="stylesheet" type="text/css" ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </div><script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </script> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /find_groups.html |
GET /find_groups.html HTTP/1.1 Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:37 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-FRAME-OPTIONS: DENY Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 84366 <!DOCTYPE html> <html> <head id="html_head"> <title>Tagged - Find Groups</title> <noscript><meta http-equiv="X-Frame <link rel="stylesheet" type="text/ ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </div><script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </script> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /forgot_password.html |
GET /forgot_password.html HTTP/1.1 Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:36:03 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-FRAME-OPTIONS: DENY Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 11057 <!DOCTYPE html> <html> <head id="html_head"> <title>Tagged - Forgot Password</title> <noscript><meta http-equiv="X-Frame <link rel="stylesheet" type="t ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </div><script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </script> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /help.html |
GET /help.html?topic=report Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:29 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-FRAME-OPTIONS: DENY Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 10175 <!DOCTYPE html> <html> <head id="html_head"> <title>Tagged</title> <noscript><meta http-equiv="X-Frame <link rel="stylesheet" type="text/css" href="ht ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </div><script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </script> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /index.html |
GET /index.html?r=%2Fideas Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:28 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 36764 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR <html> <head id="html_head"> <meta name="verify-v1" content="3D/41 ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... <!-- Begin recaptcha --> <script type="text/javascript" src="http://api.recaptcha ...[SNIP]... <!-- Begin quantserve --> <script type="text/javascript" src="//edge.quantserve ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /safety.html |
GET /safety.html HTTP/1.1 Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:27 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-FRAME-OPTIONS: DENY Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 15513 <!DOCTYPE html> <html> <head id="html_head"> <title>Tagged - Safety, Security, and Privacy Overview</title> <noscript><meta http-equiv="X-Frame <link r ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </div><script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </script> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /terms_of_service.html |
GET /terms_of_service.html? HTTP/1.1 Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:13 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-FRAME-OPTIONS: DENY Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 49843 <!DOCTYPE html> <html> <head id="html_head"> <title>Tagged - Terms of Service</title> <noscript><meta http-equiv="X-Frame <link rel="stylesheet" type=" ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </div><script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </script> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... </link> <script type="text/javascript" src="http://x.tagstat.com ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | / |
TRACE / HTTP/1.0 Host: www.tagged.com Cookie: 2088ff0b496e714e |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:35:30 GMT Server: Apache Connection: close Content-Type: message/http TRACE / HTTP/1.0 Host: www.tagged.com Cookie: 2088ff0b496e714e Connection: Keep-Alive X-Forwarded-For: 173.193.214.243 |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /safety.html |
GET /safety.html HTTP/1.1 Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:27 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-FRAME-OPTIONS: DENY Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 15513 <!DOCTYPE html> <html> <head id="html_head"> <title>Tagged - Safety, Security, and Privacy Overview</title> <noscript><meta http-equiv="X-Frame <link r ...[SNIP]... <a href="mailto:safetysquad@tagged.com"> ...[SNIP]... <a href="mailto:parentcare@tagged.com">parentcare@tagged.com</a> ...[SNIP]... <a href="mailto:lawenforcement@tagged.com">lawenforcement@tagged.com</a> ...[SNIP]... <a href="mailto:safetysquad@tagged.com">safetysquad@tagged.com</a> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | /terms_of_service.html |
GET /terms_of_service.html? HTTP/1.1 Host: www.tagged.com Proxy-Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept: application/xml Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:38:13 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-FRAME-OPTIONS: DENY Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 49843 <!DOCTYPE html> <html> <head id="html_head"> <title>Tagged - Terms of Service</title> <noscript><meta http-equiv="X-Frame <link rel="stylesheet" type=" ...[SNIP]... <a href="mailto:copyrightagent@tagged.com">copyrightagent@tagged.com</a> ...[SNIP]... <a href="mailto:parentcare@tagged.com">parentcare@tagged.com</a> ...[SNIP]... |
Severity: | Information |
Confidence: | Certain |
Host: | http://www.tagged.com |
Path: | / |
GET /robots.txt HTTP/1.0 Host: www.tagged.com |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:35:31 GMT Server: Apache Last-Modified: Wed, 02 Feb 2011 17:13:08 GMT ETag: "3d7aa9-1214-49b4fc3 Accept-Ranges: bytes Content-Length: 4628 Vary: Accept-Encoding,User Keep-Alive: timeout=300 Connection: Keep-Alive Content-Type: text/plain; charset=UTF-8 ######################### # /robots.txt file for http://www.tagged.com/ # mail webmaster@tagged.com for constructive criticism ######################### ...[SNIP]... |
Severity: | Information |
Confidence: | Firm |
Host: | http://www.tagged.com |
Path: | /api/ |
POST /api/?application_id=user Host: www.tagged.com Proxy-Connection: keep-alive Referer: http://www.tagged.com Origin: http://www.tagged.com X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Content-Type: application/x-www-form Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd Content-Length: 299 method=tagged.header method=tagged.util.echoIt ...[SNIP]... |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:36:10 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding,User Content-Type: text/html; charset=UTF-8 Content-Length: 219 ["{\"stat\":\"ok\",\ ...[SNIP]... |
Severity: | Information |
Confidence: | Firm |
Host: | http://www.tagged.com |
Path: | /favicon.ico |
GET /favicon.ico HTTP/1.1 Host: www.tagged.com Proxy-Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,* Cookie: S=k48nnbumc29k7tunhd |
HTTP/1.1 200 OK Date: Sun, 15 May 2011 18:35:40 GMT Server: Apache Last-Modified: Fri, 11 Jun 2010 16:40:44 GMT ETag: "20db5b-57e-488c3ccdedb00 Accept-Ranges: bytes Vary: Accept-Encoding,User Content-Type: text/plain; charset=UTF-8 Content-Length: 1406 ..............h.......(.. ...[SNIP]... |