1.1. http://102.xg4ken.com/media/redir.php [name of an arbitrarily supplied request parameter]
1.2. http://102.xg4ken.com/media/redir.php [url[] parameter]
1.3. http://2e76.v.fwmrm.net/ad/l/1 [cr parameter]
1.4. http://ad.br.doubleclick.net/getcamphist [src parameter]
1.5. http://ad.doubleclick.net/ad/N3340.scanscout.com/B4852812.30 [REST URL parameter 1]
1.6. http://ad.doubleclick.net/adi/N3671.TMP/B5159652.23 [REST URL parameter 1]
1.7. http://ad.doubleclick.net/adi/N553.158901.DATAXU/B4970757.4 [REST URL parameter 1]
1.8. http://ad.doubleclick.net/adi/lb.buzzillions/ [REST URL parameter 1]
1.9. http://www.supermedia.com/spportal/spportalFlow.do [REST URL parameter 2]

Severity: High
Confidence: Certain
Host: http://102.xg4ken.com
Path: /media/redir.php

GET /media/redir.php?prof=88
Host: 102.xg4ken.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 302 Found
Date: Thu, 03 Feb 2011 20:31:21 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Set-Cookie: kenshoo_id=7f1e123c-7cbf
Location: http://info.mindjet.com d29cc9616d1=1
P3P: policyref="http://www
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Severity: High
Confidence: Certain
Host: http://102.xg4ken.com
Path: /media/redir.php

GET /media/redir.php?prof=88
Host: 102.xg4ken.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

HTTP/1.1 302 Found
Date: Thu, 03 Feb 2011 20:31:21 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Set-Cookie: kenshoo_id=5768e8a0-3fce
Location: http://info.mindjet.com d4b2f64cb5a
P3P: policyref="http://www
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

Severity: High
Confidence: Certain
Host: http://2e76.v.fwmrm.net
Path: /ad/l/1

GET /ad/l/1?last=0&ct=0&metr
Host: 2e76.v.fwmrm.net
Proxy-Connection: keep-alive
Referer: http://www.veoh.com
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*
Cookie: _cph="1295039779.438.1.1,

HTTP/1.1 302 Found
Set-Cookie: _auv="g12288~1.1296769260
Set-Cookie: _cvr="1296769250^11894
Set-Cookie: _vr="1296769245.0
Set-Cookie: _sc="sg12288.1296767252
Set-Cookie: _wr="g12288";expires=Sat, 05 Mar 2011 21:41:00 GMT;domain=.fwmrm.net
Location: ae913 56b335fe342
Content-Length: 0
Date: Thu, 03 Feb 2011 21:40:59 GMT
Server: FWS
P3P: policyref="http://www
Set-Cookie: NSC_ozdbewjq3.gxnsn.ofu

Severity: High
Confidence: Certain
Host: http://ad.br.doubleclick
Path: /getcamphist

GET /getcamphist;src=1513429
Host: ad.br.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.apple.com/ipad
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*
Cookie: id=c653243310000d9

HTTP/1.0 302 Moved Temporarily
Content-Length: 0
Location: http://metrics.apple.com 2e8dc5adfe9&A2S=1/respcamphist;src

Severity: High
Confidence: Certain
Host: http://ad.doubleclick.net
Path: /ad/N3340.scanscout.com

GET /62530%0d%0a230925b8b8/N3340.scanscout.com
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/62530 230925b8b8/N3340.scanscout.com
Date: Thu, 03 Feb 2011 22:03:15 GMT
Server: GFE/2.0
Connection: close

<h1>Error 302 Moved Temporarily</h1>

Severity: High
Confidence: Certain
Host: http://ad.doubleclick.net
Path: /adi/N3671.TMP/B5159652

GET /333cd%0d%0a3e381d53e01/N3671.TMP/B5159652.23;sz
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net
Accept: application/xml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*
Cookie: id=c653243310000d9

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/333cd 3e381d53e01/N3671.TMP/B5159652.23;sz
Date: Fri, 04 Feb 2011 17:55:39 GMT
Server: GFE/2.0

<h1>Error 302 Moved Temporarily</h1>

Severity: High
Confidence: Certain
Host: http://ad.doubleclick.net
Path: /adi/N553.158901.DATAXU

GET /87fe3%0d%0a9a9fc1f6091/N553.158901.DATAXU
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://googleads.g
Accept: application/xml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*
Cookie: id=c653243310000d9

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/87fe3 9a9fc1f6091/N553.158901.DATAXU
Date: Fri, 04 Feb 2011 17:55:39 GMT
Server: GFE/2.0

<h1>Error 302 Moved Temporarily</h1>

Severity: High
Confidence: Certain
Host: http://ad.doubleclick.net
Path: /adi/lb.buzzillions/

GET /9db3a%0d%0aa4d4062d9d8/lb.buzzillions/;net=lb;u
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.buzzillions
Accept: application/xml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*
Cookie: id=c653243310000d9

HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Content-Length: 36
Location: http://static.2mdn.net/9db3a a4d4062d9d8/lb.buzzillions/%3Bnet
Date: Fri, 04 Feb 2011 01:50:01 GMT
Server: GFE/2.0

<h1>Error 302 Moved Temporarily</h1>

Severity: High
Confidence: Certain
Host: http://www.supermedia.com
Path: /spportal/spportalFlow.do

GET /spportal/spportalFlow.docdbde%0d%0ad36a9dd2cc?_flowExecutionKey=
Host: www.supermedia.com
Proxy-Connection: keep-alive
Referer: http://www.supermedia.com
Accept: application/xml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*
Cookie: JSESSIONID=B97B42F53

HTTP/1.1 302 Moved Temporarily
Server: Unspecified
Date: Thu, 03 Feb 2011 19:19:10 GMT
Location: https://www.supermedia d36a9dd2cc?_flowExecutionKey=
Content-Length: 0
Connection: close